Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-9048 (GCVE-0-2017-9048)
Vulnerability from cvelistv5 – Published: 2017-05-18 06:13 – Updated: 2025-12-18 11:40
VLAI?
EPSS
Summary
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:22.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"name": "GLSA-201711-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"name": "98556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98556"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-9048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T11:40:41.203637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T11:40:50.027Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:07:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"name": "GLSA-201711-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"name": "98556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98556"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3952",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"name": "GLSA-201711-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/05/15/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"name": "98556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98556"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9048",
"datePublished": "2017-05-18T06:13:00.000Z",
"dateReserved": "2017-05-18T00:00:00.000Z",
"dateUpdated": "2025-12-18T11:40:50.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.debian.org/security/2017/dsa-3952\", \"name\": \"DSA-3952\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201711-01\", \"name\": \"GLSA-201711-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/05/15/1\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/98556\", \"name\": \"98556\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T16:55:22.155Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-9048\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-18T11:40:41.203637Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-18T11:40:19.740Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2017-05-18T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.debian.org/security/2017/dsa-3952\", \"name\": \"DSA-3952\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://security.gentoo.org/glsa/201711-01\", \"name\": \"GLSA-201711-01\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/05/15/1\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securityfocus.com/bid/98556\", \"name\": \"98556\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2021-06-29T14:07:10.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.debian.org/security/2017/dsa-3952\", \"name\": \"DSA-3952\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://security.gentoo.org/glsa/201711-01\", \"name\": \"GLSA-201711-01\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/05/15/1\", \"name\": \"http://www.openwall.com/lists/oss-security/2017/05/15/1\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securityfocus.com/bid/98556\", \"name\": \"98556\", \"refsource\": \"BID\"}, {\"url\": \"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E\", \"name\": \"[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8\", \"refsource\": \"MLIST\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-9048\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-9048\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-18T11:40:50.027Z\", \"dateReserved\": \"2017-05-18T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2017-05-18T06:13:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2018-AVI-293
Vulnerability from certfr_avis - Published: 2018-06-15 - Updated: 2018-06-15
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Agent. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Agent | Nessus Agent versions 7.0.3 et antérieures |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus Agent versions 7.0.3 et ant\u00e9rieures",
"product": {
"name": "Nessus Agent",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2017-9233",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9233"
},
{
"name": "CVE-2015-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
},
{
"name": "CVE-2015-3217",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3217"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2016-3191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3191"
},
{
"name": "CVE-2017-11742",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11742"
},
{
"name": "CVE-2015-5073",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5073"
},
{
"name": "CVE-2017-7245",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7245"
},
{
"name": "CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2014-9769",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9769"
},
{
"name": "CVE-2015-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
},
{
"name": "CVE-2017-1000061",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2015-8392",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2016-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1283"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2015-8395",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
},
{
"name": "CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2015-9019",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
},
{
"name": "CVE-2016-0718",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
},
{
"name": "CVE-2016-5300",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
},
{
"name": "CVE-2016-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4472"
},
{
"name": "CVE-2016-9063",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2018-0733",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0733"
},
{
"name": "CVE-2012-0876",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0876"
},
{
"name": "CVE-2012-6702",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6702"
},
{
"name": "CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"name": "CVE-2014-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8964"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2015-8384",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8384"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2015-8380",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8380"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2015-8382",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8382"
},
{
"name": "CVE-2018-11214",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11214"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2017-8872",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
},
{
"name": "CVE-2016-1683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
},
{
"name": "CVE-2015-8389",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8389"
},
{
"name": "CVE-2017-5969",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
}
],
"initial_release_date": "2018-06-15T00:00:00",
"last_revision_date": "2018-06-15T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-293",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-06-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nAgent. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Agent",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2018-09 du 14 juin 2018",
"url": "https://www.tenable.com/security/tns-2018-09"
}
]
}
CERTFR-2018-AVI-288
Vulnerability from certfr_avis - Published: 2018-06-14 - Updated: 2018-06-14
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus toutes versions ant\u00e9rieures \u00e0 7.1.1",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2017-9233",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9233"
},
{
"name": "CVE-2015-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
},
{
"name": "CVE-2015-3217",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3217"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2016-3191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3191"
},
{
"name": "CVE-2017-11742",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11742"
},
{
"name": "CVE-2015-5073",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5073"
},
{
"name": "CVE-2017-7245",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7245"
},
{
"name": "CVE-2016-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9842"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2014-9769",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9769"
},
{
"name": "CVE-2015-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
},
{
"name": "CVE-2017-1000061",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2015-8392",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2016-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1283"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2015-8395",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
},
{
"name": "CVE-2016-9840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2015-9019",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
},
{
"name": "CVE-2016-0718",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
},
{
"name": "CVE-2016-5300",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
},
{
"name": "CVE-2016-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4472"
},
{
"name": "CVE-2016-9063",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2012-0876",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0876"
},
{
"name": "CVE-2012-6702",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6702"
},
{
"name": "CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"name": "CVE-2014-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8964"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2016-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9841"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2015-8384",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8384"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2015-8380",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8380"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2015-8382",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8382"
},
{
"name": "CVE-2018-11214",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11214"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2017-8872",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
},
{
"name": "CVE-2016-1683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
},
{
"name": "CVE-2015-8389",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8389"
},
{
"name": "CVE-2017-5969",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
}
],
"initial_release_date": "2018-06-14T00:00:00",
"last_revision_date": "2018-06-14T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-288",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-06-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2018-08 du 13 juin 2018",
"url": "https://www.tenable.com/security/tns-2018-08"
}
]
}
CERTFR-2023-AVI-0499
Vulnerability from certfr_avis - Published: 2023-06-30 - Updated: 2023-06-30
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Nessus Network Monitor versions antérieures à 6.2.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2020-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
},
{
"name": "CVE-2012-5134",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5134"
},
{
"name": "CVE-2016-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2016-9596",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9596"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2013-0338",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0338"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2017-1000381",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000381"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-23395",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23395"
},
{
"name": "CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2017-1000061",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2019-9936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2020-35525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2017-15412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2013-1969",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1969"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2010-4494",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2015-9019",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2015-8241",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8241"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2011-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2019-11068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2013-0339",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0339"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2019-13117",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13117"
},
{
"name": "CVE-2019-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2015-7499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2017-5130",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5130"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2015-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2015-5312",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2016-2073",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2073"
},
{
"name": "CVE-2015-7497",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7497"
},
{
"name": "CVE-2015-7941",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7941"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
},
{
"name": "CVE-2015-8710",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8710"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2015-7498",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7498"
},
{
"name": "CVE-2015-8317",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8317"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2015-8242",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2016-9598",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9598"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2019-13118",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13118"
},
{
"name": "CVE-2016-4607",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2016-3709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2012-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2016-9597",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9597"
},
{
"name": "CVE-2015-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8806"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-5180",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
},
{
"name": "CVE-2013-2877",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2877"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2021-30560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2014-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
},
{
"name": "CVE-2019-5815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5815"
},
{
"name": "CVE-2019-19959",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2017-8872",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
},
{
"name": "CVE-2020-35527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
},
{
"name": "CVE-2016-1683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2017-5969",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2016-4483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4483"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2013-4520",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4520"
}
],
"initial_release_date": "2023-06-30T00:00:00",
"last_revision_date": "2023-06-30T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0499",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-23 du 29 juin 2023",
"url": "https://www.tenable.com/security/tns-2023-23"
}
]
}
CERTFR-2023-AVI-1015
Vulnerability from certfr_avis - Published: 2023-12-12 - Updated: 2023-12-12
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions | ||
| Siemens | N/A | Opcenter Quality toutes versions | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC PC-Station Plus toutes versions | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SINUMERIK MC toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK ONE toutes versions | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK Integrate RunMyHMI /Automotive toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) versions antérieures à V19 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V4.1 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SINEC INS versions antérieures à V1.0 SP2 Update 2 | ||
| Siemens | N/A | LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-7 LTE toutes versions | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions | ||
| Siemens | N/A | LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0 | ||
| Siemens | N/A | Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Opcenter Quality toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PC-Station Plus toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK MC toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-7 LTE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2017-0663",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2018-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
},
{
"name": "CVE-2019-6111",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2019-5443",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
},
{
"name": "CVE-2019-6109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
},
{
"name": "CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"name": "CVE-2019-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
},
{
"name": "CVE-2019-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
},
{
"name": "CVE-2019-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
},
{
"name": "CVE-2019-3858",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-13565",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
},
{
"name": "CVE-2019-13057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2019-5018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
},
{
"name": "CVE-2019-9936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
},
{
"name": "CVE-2019-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
},
{
"name": "CVE-2020-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
},
{
"name": "CVE-2020-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
},
{
"name": "CVE-2020-36224",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
},
{
"name": "CVE-2020-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
},
{
"name": "CVE-2020-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
},
{
"name": "CVE-2020-36225",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
},
{
"name": "CVE-2020-36228",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
},
{
"name": "CVE-2020-36223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
},
{
"name": "CVE-2020-36229",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
},
{
"name": "CVE-2020-36226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
},
{
"name": "CVE-2020-36230",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
},
{
"name": "CVE-2020-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
},
{
"name": "CVE-2021-28363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2021-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
},
{
"name": "CVE-2019-17543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2019-20907",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2021-20305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2020-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
},
{
"name": "CVE-2020-29573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
},
{
"name": "CVE-2019-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2021-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
},
{
"name": "CVE-2021-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2020-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2020-29362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
},
{
"name": "CVE-2019-9169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
},
{
"name": "CVE-2020-29363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2020-13776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-25692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
},
{
"name": "CVE-2016-10228",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
},
{
"name": "CVE-2020-29361",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-8231",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
},
{
"name": "CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"name": "CVE-2020-8315",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2021-22945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2019-9948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2019-6110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2019-16905",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2019-5436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2021-22890",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
},
{
"name": "CVE-2021-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2019-10160",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
},
{
"name": "CVE-2019-16056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
},
{
"name": "CVE-2020-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
},
{
"name": "CVE-2019-17594",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
},
{
"name": "CVE-2019-17595",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
},
{
"name": "CVE-2021-20231",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
},
{
"name": "CVE-2021-36085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
},
{
"name": "CVE-2021-36084",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
},
{
"name": "CVE-2021-20232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
},
{
"name": "CVE-2021-36086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
},
{
"name": "CVE-2021-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
},
{
"name": "CVE-2021-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
},
{
"name": "CVE-2021-33560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
},
{
"name": "CVE-2021-28153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2022-27778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-25136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2018-12886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2023-31238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-30901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
},
{
"name": "CVE-2021-3998",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
},
{
"name": "CVE-2019-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
},
{
"name": "CVE-2020-35527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2019-19959",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
},
{
"name": "CVE-2020-35525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2016-3709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-34319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-28831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2020-19186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
},
{
"name": "CVE-2020-19190",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
},
{
"name": "CVE-2020-19185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2020-19187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
},
{
"name": "CVE-2020-19188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
},
{
"name": "CVE-2020-19909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
},
{
"name": "CVE-2019-11360",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
},
{
"name": "CVE-2019-13627",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
},
{
"name": "CVE-2019-7309",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2019-1010024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
},
{
"name": "CVE-2022-47375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
},
{
"name": "CVE-2019-19126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
},
{
"name": "CVE-2023-46283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
},
{
"name": "CVE-2023-46282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2014-7209",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
},
{
"name": "CVE-2023-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2017-17512",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
},
{
"name": "CVE-2020-1712",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
},
{
"name": "CVE-2023-48430",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
},
{
"name": "CVE-2019-6488",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
},
{
"name": "CVE-2023-39128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
},
{
"name": "CVE-2018-20482",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
},
{
"name": "CVE-2021-27212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
},
{
"name": "CVE-2019-5481",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
},
{
"name": "CVE-2021-43396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2019-20795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-9674",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2020-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
},
{
"name": "CVE-2019-12904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
},
{
"name": "CVE-2021-28041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
},
{
"name": "CVE-2022-42784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
},
{
"name": "CVE-2023-48427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
},
{
"name": "CVE-2020-24659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
},
{
"name": "CVE-2023-48429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
},
{
"name": "CVE-2020-12062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
},
{
"name": "CVE-2019-1010023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
},
{
"name": "CVE-2023-49692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
},
{
"name": "CVE-2016-10739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
},
{
"name": "CVE-2019-1010180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
},
{
"name": "CVE-2023-46285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
},
{
"name": "CVE-2023-46156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
},
{
"name": "CVE-2019-5435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
},
{
"name": "CVE-2019-15847",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2019-20367",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
},
{
"name": "CVE-2023-46284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2021-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2019-1010022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
},
{
"name": "CVE-2020-6096",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-48428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2023-25139",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2020-1751",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
},
{
"name": "CVE-2019-1010025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
},
{
"name": "CVE-2019-12290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
},
{
"name": "CVE-2019-18224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
},
{
"name": "CVE-2018-18928",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
},
{
"name": "CVE-2022-27943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2020-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
},
{
"name": "CVE-2021-46195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
},
{
"name": "CVE-2023-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2020-11501",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2022-47374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
},
{
"name": "CVE-2023-46281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2020-15801",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
},
{
"name": "CVE-2022-46141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-13529",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
},
{
"name": "CVE-2023-27371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2019-9923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
},
{
"name": "CVE-2020-13777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2020-14422",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2021-4209",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
},
{
"name": "CVE-2018-19591",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
}
],
"initial_release_date": "2023-12-12T00:00:00",
"last_revision_date": "2023-12-12T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
}
]
}
CNVD-2017-07327
Vulnerability from cnvd - Published: 2017-05-24
VLAI Severity ?
Title
libxml2栈缓冲区溢出漏洞
Description
libxml2是GNOME项目组所研发的一个基于C语言的用来解析XML文档的函数库,它支持多种编码格式、Xpath解析、Well-formed和valid验证等。
libxml2 20904-GITv2.9.4-16-g0741801版本中存在栈缓冲区溢出漏洞。攻击者可利用该漏洞造成拒绝服务(程序崩溃)。
Severity
中
Formal description
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: http://xmlsoft.org/
Reference
http://www.openwall.com/lists/oss-security/2017/05/15/1
Impacted products
| Name | libxml2 libxml2 20904-GITv2.9.4-16-g0741801 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-9048"
}
},
"description": "libxml2\u662fGNOME\u9879\u76ee\u7ec4\u6240\u7814\u53d1\u7684\u4e00\u4e2a\u57fa\u4e8eC\u8bed\u8a00\u7684\u7528\u6765\u89e3\u6790XML\u6587\u6863\u7684\u51fd\u6570\u5e93\uff0c\u5b83\u652f\u6301\u591a\u79cd\u7f16\u7801\u683c\u5f0f\u3001Xpath\u89e3\u6790\u3001Well-formed\u548cvalid\u9a8c\u8bc1\u7b49\u3002\r\n\r\nlibxml2 20904-GITv2.9.4-16-g0741801\u7248\u672c\u4e2d\u5b58\u5728\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u7a0b\u5e8f\u5d29\u6e83\uff09\u3002",
"discovererName": "Marcel B\u00f6hme",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttp://xmlsoft.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-07327",
"openTime": "2017-05-24",
"products": {
"product": "libxml2 libxml2 20904-GITv2.9.4-16-g0741801"
},
"referenceLink": "http://www.openwall.com/lists/oss-security/2017/05/15/1",
"serverity": "\u4e2d",
"submitTime": "2017-05-22",
"title": "libxml2\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
GHSA-RF96-7WVX-58W8
Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2025-04-20 03:37
VLAI?
Details
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2017-9048"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-18T06:29:00Z",
"severity": "HIGH"
},
"details": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
"id": "GHSA-rf96-7wvx-58w8",
"modified": "2025-04-20T03:37:49Z",
"published": "2022-05-13T01:08:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9048"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98556"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2017-9048
Vulnerability from fstec - Published: 15.05.2017
VLAI Severity ?
Title
Уязвимость реализации функции xmlSnprintfElementContent() библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость реализации функции xmlSnprintfElementContent() библиотеки libxml2 связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании
Severity ?
Vendor
Canonical Ltd., Сообщество свободного программного обеспечения, IBM Corp., Red Hat Inc., Intel Corp.
Software Name
Ubuntu, Debian GNU/Linux, Security Guardium, libxml2, Red Hat Enterprise Linux, JBoss Core Services, App Connect Enterprise Certified Container, Cognos Analytics, Manycore Platform Software Stack (MPSS)
Software Version
17.04 (Ubuntu), 9 (Debian GNU/Linux), 10.0 (Security Guardium), 10.0.1 (Security Guardium), 10.1 (Security Guardium), 10.1.2 (Security Guardium), до 2.9.4 (libxml2), 12.04 ESM (Ubuntu), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 7 (Debian GNU/Linux), - (JBoss Core Services), 1 (JBoss Core Services), 16.04 ESM (Ubuntu), 4.1 (App Connect Enterprise Certified Container), 4.2 (App Connect Enterprise Certified Container), 5.0-lts (App Connect Enterprise Certified Container), 5.1 (App Connect Enterprise Certified Container), 5.2 (App Connect Enterprise Certified Container), 6.0 (App Connect Enterprise Certified Container), до 11.0.10.0 (Cognos Analytics), до 3.8.3 (Manycore Platform Software Stack (MPSS)), 10.1.3 (Security Guardium)
Possible Mitigations
Использование рекомендаций:
Для libxml2:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2017-9048
Для Debian:
https://security-tracker.debian.org/tracker/CVE-2017-9048
Для Ubuntu:
https://ubuntu.com/security/notices/USN-3424-1
https://ubuntu.com/security/notices/USN-3424-2
Для программных продуктов IBM Corp.:
https://www.ibm.com/support/pages/node/6837647
https://www.ibm.com/support/pages/node/567705
https://www.ibm.com/support/pages/node/868882
https://www.ibm.com/support/pages/node/295723
https://www.ibm.com/support/pages/node/301165
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=1452549
https://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab
https://access.redhat.com/security/cve/cve-2017-9048
https://security-tracker.debian.org/tracker/CVE-2017-9048
https://ubuntu.com/security/notices/USN-3424-1
https://ubuntu.com/security/notices/USN-3424-2
https://www.ibm.com/support/pages/node/6837647
https://www.ibm.com/support/pages/node/567705
https://www.ibm.com/support/pages/node/868882
https://www.ibm.com/support/pages/node/295723
https://www.ibm.com/support/pages/node/301165
https://nvd.nist.gov/vuln/detail/CVE-2017-9048
CWE
CWE-119, CWE-121
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, IBM Corp., Red Hat Inc., Intel Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "17.04 (Ubuntu), 9 (Debian GNU/Linux), 10.0 (Security Guardium), 10.0.1 (Security Guardium), 10.1 (Security Guardium), 10.1.2 (Security Guardium), \u0434\u043e 2.9.4 (libxml2), 12.04 ESM (Ubuntu), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 7 (Debian GNU/Linux), - (JBoss Core Services), 1 (JBoss Core Services), 16.04 ESM (Ubuntu), 4.1 (App Connect Enterprise Certified Container), 4.2 (App Connect Enterprise Certified Container), 5.0-lts (App Connect Enterprise Certified Container), 5.1 (App Connect Enterprise Certified Container), 5.2 (App Connect Enterprise Certified Container), 6.0 (App Connect Enterprise Certified Container), \u0434\u043e 11.0.10.0 (Cognos Analytics), \u0434\u043e 3.8.3 (Manycore Platform Software Stack (MPSS)), 10.1.3 (Security Guardium)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f libxml2:\nhttps://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2017-9048\n\n\u0414\u043b\u044f Debian:\nhttps://security-tracker.debian.org/tracker/CVE-2017-9048\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-3424-1\nhttps://ubuntu.com/security/notices/USN-3424-2\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 IBM Corp.:\nhttps://www.ibm.com/support/pages/node/6837647\nhttps://www.ibm.com/support/pages/node/567705\nhttps://www.ibm.com/support/pages/node/868882\nhttps://www.ibm.com/support/pages/node/295723\nhttps://www.ibm.com/support/pages/node/301165",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.05.2017",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.12.2022",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.12.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07417",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-9048",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Security Guardium, libxml2, Red Hat Enterprise Linux, JBoss Core Services, App Connect Enterprise Certified Container, Cognos Analytics, Manycore Platform Software Stack (MPSS)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 17.04 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 12.04 ESM , Red Hat Inc. Red Hat Enterprise Linux 8 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 7 , Canonical Ltd. Ubuntu 16.04 ESM ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 xmlSnprintfElementContent() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libxml2, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119), \u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 (CWE-121)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 xmlSnprintfElementContent() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libxml2 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugzilla.redhat.com/show_bug.cgi?id=1452549\nhttps://gitlab.gnome.org/GNOME/libxml2/-/commit/932cc9896ab\nhttps://access.redhat.com/security/cve/cve-2017-9048\nhttps://security-tracker.debian.org/tracker/CVE-2017-9048\nhttps://ubuntu.com/security/notices/USN-3424-1\nhttps://ubuntu.com/security/notices/USN-3424-2\nhttps://www.ibm.com/support/pages/node/6837647\nhttps://www.ibm.com/support/pages/node/567705\nhttps://www.ibm.com/support/pages/node/868882\nhttps://www.ibm.com/support/pages/node/295723\nhttps://www.ibm.com/support/pages/node/301165\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-9048",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119, CWE-121",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
GSD-2017-9048
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-9048",
"description": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
"id": "GSD-2017-9048",
"references": [
"https://www.suse.com/security/cve/CVE-2017-9048.html",
"https://www.debian.org/security/2017/dsa-3952",
"https://access.redhat.com/errata/RHSA-2018:2486",
"https://ubuntu.com/security/CVE-2017-9048",
"https://advisories.mageia.org/CVE-2017-9048.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-9048"
],
"details": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
"id": "GSD-2017-9048",
"modified": "2023-12-13T01:21:07.510020Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3952",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"name": "GLSA-201711-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/05/15/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"name": "98556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98556"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[2.9.4]",
"affected_versions": "Version 2.9.4",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-119",
"CWE-937"
],
"date": "2021-06-29",
"description": "libxml2 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash.",
"fixed_versions": [],
"identifier": "CVE-2017-9048",
"identifiers": [
"CVE-2017-9048"
],
"not_impacted": "",
"package_slug": "nuget/libxml2",
"pubdate": "2017-05-18",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2017-9048"
],
"uuid": "012708fa-47ff-421f-8400-64683a1a8da8"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9048"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2017/05/15/1",
"refsource": "MISC",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"name": "98556",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98556"
},
{
"name": "DSA-3952",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"name": "GLSA-201711-01",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-06-29T15:15Z",
"publishedDate": "2017-05-18T06:29Z"
}
}
}
FKIE_CVE-2017-9048
Vulnerability from fkie_nvd - Published: 2017-05-18 06:29 - Updated: 2025-12-18 12:15
Severity ?
Summary
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3952 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/05/15/1 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/98556 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201711-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3952 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/05/15/1 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201711-01 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "430C1FDF-1239-4FF2-B5A4-8CED209B8036",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer \u0027buf\u0027 of size \u0027size\u0027. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 \u003c size. This vulnerability causes programs that use libxml2, such as PHP, to crash."
},
{
"lang": "es",
"value": "En libxml2 versi\u00f3n 20904-GITv2.9.4-16-g0741801 es vulnerable a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. La funci\u00f3n xmlSnprintfElementContent en el archivo valid.c debe volcar recursivamente la definici\u00f3n del contenido del elemento en un b\u00fafer de caracteres \u0027buf\u0027 de tama\u00f1o \u0027tama\u00f1o\u0027. Al final de la rutina, la funci\u00f3n puede representar dos caracteres m\u00e1s sin comprobar si el actual strlen(buf) + 2 es menor que size. Esta vulnerabilidad causa que los programas que usan libxml2, como PHP, se bloqueen."
}
],
"id": "CVE-2017-9048",
"lastModified": "2025-12-18T12:15:52.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2017-05-18T06:29:00.433",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98556"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201711-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/15/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…