Vulnerability-Lookup

CVE-2019-17595 (GCVE-0-2019-17595)

Vulnerability from cvelistv5 – Published: 2019-10-14 20:42 – Updated: 2024-08-05 01:47

Summary

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lists.gnu.org/archive/html/bug-ncurses/20…	x_refsource_MISC
	https://lists.gnu.org/archive/html/bug-ncurses/20…	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://security.gentoo.org/glsa/202101-28	vendor-advisoryx_refsource_GENTOO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:47:13.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
          },
          {
            "name": "openSUSE-SU-2019:2551",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
          },
          {
            "name": "openSUSE-SU-2019:2550",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
          },
          {
            "name": "GLSA-202101-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202101-28"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-26T02:06:15.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
        },
        {
          "name": "openSUSE-SU-2019:2551",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
        },
        {
          "name": "openSUSE-SU-2019:2550",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
        },
        {
          "name": "GLSA-202101-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202101-28"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17595",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
            },
            {
              "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
            },
            {
              "name": "openSUSE-SU-2019:2551",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
            },
            {
              "name": "openSUSE-SU-2019:2550",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
            },
            {
              "name": "GLSA-202101-28",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202101-28"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17595",
    "datePublished": "2019-10-14T20:42:57.000Z",
    "dateReserved": "2019-10-14T00:00:00.000Z",
    "dateUpdated": "2024-08-05T01:47:13.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2019-17595

Vulnerability from fkie_nvd - Published: 2019-10-14 21:15 - Updated: 2024-11-21 04:32

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Summary

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html	Third Party Advisory
cve@mitre.org	https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html	Exploit, Mailing List, Vendor Advisory
cve@mitre.org	https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html	Mailing List, Patch, Vendor Advisory
cve@mitre.org	https://security.gentoo.org/glsa/202101-28	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html	Exploit, Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202101-28	Third Party Advisory

Impacted products

Vendor	Product	Version
gnu	ncurses	*
opensuse	leap	15.0
opensuse	leap	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "690289FF-7684-484B-BE71-30A216C66750",
              "versionEndExcluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012."
    },
    {
      "lang": "es",
      "value": "Hay una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en la funci\u00f3n fmt_entry en tinfo/comp_hash.c en la biblioteca terminfo en ncurses en versiones anteriores a la 6.1-20191012."
    }
  ],
  "id": "CVE-2019-17595",
  "lastModified": "2024-11-21T04:32:36.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-14T21:15:11.427",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-28"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-28"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2019-17595

Vulnerability from osv_almalinux

Published

2021-11-09 09:21

Modified

2023-03-13 16:33

Summary

Moderate: ncurses security update

Details

The ncurses (new curses) library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo.

Security Fix(es):

ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c (CVE-2019-17594)
ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c (CVE-2019-17595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-base"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-c++-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-compat-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ncurses-term"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1-9.20180224.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The ncurses (new curses) library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo.\n\nSecurity Fix(es):\n\n* ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c (CVE-2019-17594)\n\n* ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c (CVE-2019-17595)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2021:4426",
  "modified": "2023-03-13T16:33:51Z",
  "published": "2021-11-09T09:21:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2021-4426.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-17594"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-17595"
    }
  ],
  "related": [
    "CVE-2019-17594",
    "CVE-2019-17595"
  ],
  "summary": "Moderate: ncurses security update"
}

CERTFR-2022-AVI-386

Vulnerability from certfr_avis - Published: 2022-04-26 - Updated: 2022-04-26

De multiples vulnérabilités ont été découvertes dans IBM QRadar SIEM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar SIEM	IBM QRadar SIEM version 7.5.0 antérieure à 7.5.0 UP1
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.4.3 antérieures à 7.4.3 FP5
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.3.3 antérieures à 7.3.3 FP11

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6574453 du 25 avril 2022	None	vendor-advisory
Bulletin de sécurité IBM 6574787 du 25 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM QRadar SIEM version 7.5.0 ant\u00e9rieure \u00e0 7.5.0 UP1",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.4.3 ant\u00e9rieures \u00e0 7.4.3 FP5",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.3.3 ant\u00e9rieures \u00e0 7.3.3 FP11",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3200"
    },
    {
      "name": "CVE-2021-35586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2020-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
    },
    {
      "name": "CVE-2021-38919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38919"
    },
    {
      "name": "CVE-2021-42340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
    },
    {
      "name": "CVE-2021-33929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33929"
    },
    {
      "name": "CVE-2021-20231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
    },
    {
      "name": "CVE-2021-38939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38939"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2021-38874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38874"
    },
    {
      "name": "CVE-2021-41182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
    },
    {
      "name": "CVE-2021-33928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33928"
    },
    {
      "name": "CVE-2021-36086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
    },
    {
      "name": "CVE-2021-20266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
    },
    {
      "name": "CVE-2019-17594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
    },
    {
      "name": "CVE-2021-38869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38869"
    },
    {
      "name": "CVE-2021-35559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
    },
    {
      "name": "CVE-2021-35565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
    },
    {
      "name": "CVE-2021-2432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-9488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
    },
    {
      "name": "CVE-2020-24370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24370"
    },
    {
      "name": "CVE-2021-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
    },
    {
      "name": "CVE-2021-41184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
    },
    {
      "name": "CVE-2021-33813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
    },
    {
      "name": "CVE-2021-41183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
    },
    {
      "name": "CVE-2021-3445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3445"
    },
    {
      "name": "CVE-2020-16135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16135"
    },
    {
      "name": "CVE-2021-36085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
    },
    {
      "name": "CVE-2021-29776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29776"
    },
    {
      "name": "CVE-2021-2388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
    },
    {
      "name": "CVE-2021-35588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
    },
    {
      "name": "CVE-2019-17595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
    },
    {
      "name": "CVE-2021-23214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23214"
    },
    {
      "name": "CVE-2021-33930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33930"
    },
    {
      "name": "CVE-2021-41035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
    },
    {
      "name": "CVE-2021-20232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
    },
    {
      "name": "CVE-2021-28153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
    },
    {
      "name": "CVE-2021-35578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
    },
    {
      "name": "CVE-2021-27218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2021-35564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
    },
    {
      "name": "CVE-2022-22345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22345"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2021-38878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38878"
    },
    {
      "name": "CVE-2021-36087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2021-35556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
    },
    {
      "name": "CVE-2021-22096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
    },
    {
      "name": "CVE-2021-35560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
    },
    {
      "name": "CVE-2021-36084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2021-33938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33938"
    }
  ],
  "initial_release_date": "2022-04-26T00:00:00",
  "last_revision_date": "2022-04-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-386",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar SIEM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar SIEM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6574453 du 25 avril 2022",
      "url": "https://www.ibm.com/support/pages/node/6574453"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6574787 du 25 avril 2022",
      "url": "https://www.ibm.com/support/pages/node/6574787"
    }
  ]
}

CERTFR-2023-AVI-1015

Vulnerability from certfr_avis - Published: 2023-12-12 - Updated: 2023-12-12

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions
Siemens	N/A	Opcenter Quality toutes versions
Siemens	N/A	SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions
Siemens	N/A	SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC PC-Station Plus toutes versions
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60
Siemens	N/A	SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions
Siemens	N/A	LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SINUMERIK MC toutes versions
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions
Siemens	N/A	SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions
Siemens	N/A	LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions
Siemens	N/A	SINUMERIK ONE toutes versions
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0
Siemens	N/A	SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15
Siemens	N/A	SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions
Siemens	N/A	SINUMERIK Integrate RunMyHMI /Automotive toutes versions
Siemens	N/A	SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions
Siemens	N/A	SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC STEP 7 (TIA Portal) versions antérieures à V19
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions
Siemens	N/A	SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0
Siemens	N/A	SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions
Siemens	N/A	LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions
Siemens	N/A	SIMATIC PCS neo versions antérieures à V4.1
Siemens	N/A	SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SINEC INS versions antérieures à V1.0 SP2 Update 2
Siemens	N/A	LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-7 LTE toutes versions
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions
Siemens	N/A	LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0
Siemens	N/A	Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-844582 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-180704 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-077170 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-480095 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-118850 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-068047 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-892915 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-999588 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-280603 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-693975 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-887801 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-592380 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-398330 du 12 décembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Quality toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PC-Station Plus toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK MC toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK ONE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-7 LTE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2017-7376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
    },
    {
      "name": "CVE-2017-0663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2017-9048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2017-9050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2017-9049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
    },
    {
      "name": "CVE-2017-16932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
    },
    {
      "name": "CVE-2016-9318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
    },
    {
      "name": "CVE-2018-0495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
    },
    {
      "name": "CVE-2019-6111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
    },
    {
      "name": "CVE-2019-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
    },
    {
      "name": "CVE-2019-3856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
    },
    {
      "name": "CVE-2019-3863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
    },
    {
      "name": "CVE-2019-3857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2019-5443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
    },
    {
      "name": "CVE-2019-6109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
    },
    {
      "name": "CVE-2019-15903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
    },
    {
      "name": "CVE-2019-3859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
    },
    {
      "name": "CVE-2019-3861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
    },
    {
      "name": "CVE-2019-3860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
    },
    {
      "name": "CVE-2019-3858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
    },
    {
      "name": "CVE-2019-3862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2019-13057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2019-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2019-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2019-19906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
    },
    {
      "name": "CVE-2020-14145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2018-20843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2020-25709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
    },
    {
      "name": "CVE-2021-3177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
    },
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
    },
    {
      "name": "CVE-2020-36224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
    },
    {
      "name": "CVE-2020-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
    },
    {
      "name": "CVE-2020-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
    },
    {
      "name": "CVE-2020-36225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
    },
    {
      "name": "CVE-2020-36228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
    },
    {
      "name": "CVE-2020-36223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
    },
    {
      "name": "CVE-2020-36229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
    },
    {
      "name": "CVE-2020-36226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
    },
    {
      "name": "CVE-2020-36230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
    },
    {
      "name": "CVE-2020-10531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
    },
    {
      "name": "CVE-2021-28363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2019-17543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
    },
    {
      "name": "CVE-2021-3518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2019-20907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2021-20305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
    },
    {
      "name": "CVE-2019-20388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
    },
    {
      "name": "CVE-2020-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
    },
    {
      "name": "CVE-2020-29573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2019-5188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
    },
    {
      "name": "CVE-2019-5094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2013-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
    },
    {
      "name": "CVE-2021-33910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
    },
    {
      "name": "CVE-2021-27219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
    },
    {
      "name": "CVE-2021-27218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2020-24977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2020-29362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
    },
    {
      "name": "CVE-2019-9169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
    },
    {
      "name": "CVE-2020-29363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2020-13776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
    },
    {
      "name": "CVE-2020-26116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
    },
    {
      "name": "CVE-2020-25692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
    },
    {
      "name": "CVE-2016-10228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
    },
    {
      "name": "CVE-2020-29361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
    },
    {
      "name": "CVE-2021-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2020-8492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
    },
    {
      "name": "CVE-2021-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
    },
    {
      "name": "CVE-2021-3537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
    },
    {
      "name": "CVE-2020-8315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2021-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2021-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
    },
    {
      "name": "CVE-2021-3733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
    },
    {
      "name": "CVE-2022-45061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
    },
    {
      "name": "CVE-2022-40674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-43680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2019-9948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
    },
    {
      "name": "CVE-2022-42898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
    },
    {
      "name": "CVE-2019-6110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2019-16905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2022-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
    },
    {
      "name": "CVE-2022-23990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2022-22822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2021-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2019-5436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
    },
    {
      "name": "CVE-2022-25313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2022-25315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
    },
    {
      "name": "CVE-2022-25235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2021-41617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
    },
    {
      "name": "CVE-2022-0391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-9947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
    },
    {
      "name": "CVE-2019-9740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
    },
    {
      "name": "CVE-2019-10160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
    },
    {
      "name": "CVE-2019-16056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2019-17594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
    },
    {
      "name": "CVE-2019-17595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
    },
    {
      "name": "CVE-2021-20231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
    },
    {
      "name": "CVE-2021-36085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
    },
    {
      "name": "CVE-2021-36084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
    },
    {
      "name": "CVE-2021-20232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
    },
    {
      "name": "CVE-2021-36086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2021-36087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2021-28153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2022-29155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
    },
    {
      "name": "CVE-2022-25314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
    },
    {
      "name": "CVE-2021-4122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2022-2274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2020-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
    },
    {
      "name": "CVE-2022-24407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2021-37750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2019-18348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
    },
    {
      "name": "CVE-2020-15523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
    },
    {
      "name": "CVE-2021-4189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
    },
    {
      "name": "CVE-2022-37454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
    },
    {
      "name": "CVE-2020-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2020-15778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-25136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2015-20107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
    },
    {
      "name": "CVE-2022-45873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
    },
    {
      "name": "CVE-2022-3821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2018-12886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
    },
    {
      "name": "CVE-2022-1304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
    },
    {
      "name": "CVE-2023-24329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2023-31238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2023-30901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
    },
    {
      "name": "CVE-2021-3998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
    },
    {
      "name": "CVE-2019-20218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
    },
    {
      "name": "CVE-2020-35527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
    },
    {
      "name": "CVE-2016-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
    },
    {
      "name": "CVE-2019-19959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
    },
    {
      "name": "CVE-2020-35525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2016-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
    },
    {
      "name": "CVE-2021-28861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
    },
    {
      "name": "CVE-2023-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
    },
    {
      "name": "CVE-2023-0361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
    },
    {
      "name": "CVE-2023-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
    },
    {
      "name": "CVE-2023-34319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
    },
    {
      "name": "CVE-2023-1206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
    },
    {
      "name": "CVE-2023-40283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
    },
    {
      "name": "CVE-2023-28831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
    },
    {
      "name": "CVE-2023-3772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-4623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
    },
    {
      "name": "CVE-2023-39192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
    },
    {
      "name": "CVE-2023-39193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
    },
    {
      "name": "CVE-2023-42754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
    },
    {
      "name": "CVE-2023-39194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2023-42755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-31085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
    },
    {
      "name": "CVE-2023-39189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-44321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
    },
    {
      "name": "CVE-2023-44374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
    },
    {
      "name": "CVE-2023-44320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
    },
    {
      "name": "CVE-2023-44319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
    },
    {
      "name": "CVE-2023-44317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
    },
    {
      "name": "CVE-2023-44318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
    },
    {
      "name": "CVE-2023-44373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
    },
    {
      "name": "CVE-2023-44322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
    },
    {
      "name": "CVE-2020-22218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2021-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
    },
    {
      "name": "CVE-2023-5717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
    },
    {
      "name": "CVE-2023-45871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
    },
    {
      "name": "CVE-2020-19186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
    },
    {
      "name": "CVE-2020-19190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
    },
    {
      "name": "CVE-2020-19185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
    },
    {
      "name": "CVE-2020-19189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
    },
    {
      "name": "CVE-2020-19187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
    },
    {
      "name": "CVE-2020-19188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
    },
    {
      "name": "CVE-2020-19909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
    },
    {
      "name": "CVE-2019-11360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
    },
    {
      "name": "CVE-2019-13627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
    },
    {
      "name": "CVE-2019-7309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2019-1010024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
    },
    {
      "name": "CVE-2022-47375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
    },
    {
      "name": "CVE-2019-19126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
    },
    {
      "name": "CVE-2023-46283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
    },
    {
      "name": "CVE-2023-46282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
    },
    {
      "name": "CVE-2023-32643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
    },
    {
      "name": "CVE-2014-7209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
    },
    {
      "name": "CVE-2023-48431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2017-17512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
    },
    {
      "name": "CVE-2020-1712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
    },
    {
      "name": "CVE-2023-48430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
    },
    {
      "name": "CVE-2019-6488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
    },
    {
      "name": "CVE-2023-39128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
    },
    {
      "name": "CVE-2018-20482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
    },
    {
      "name": "CVE-2021-27212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
    },
    {
      "name": "CVE-2019-5481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
    },
    {
      "name": "CVE-2021-43396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
    },
    {
      "name": "CVE-2022-2509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
    },
    {
      "name": "CVE-2022-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2019-20795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2019-9674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2020-21913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
    },
    {
      "name": "CVE-2019-12904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
    },
    {
      "name": "CVE-2021-28041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
    },
    {
      "name": "CVE-2022-42784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
    },
    {
      "name": "CVE-2023-48427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
    },
    {
      "name": "CVE-2020-24659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
    },
    {
      "name": "CVE-2023-48429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
    },
    {
      "name": "CVE-2020-12062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
    },
    {
      "name": "CVE-2019-1010023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
    },
    {
      "name": "CVE-2023-49692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
    },
    {
      "name": "CVE-2016-10739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
    },
    {
      "name": "CVE-2019-1010180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
    },
    {
      "name": "CVE-2023-46285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
    },
    {
      "name": "CVE-2023-46156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
    },
    {
      "name": "CVE-2019-5435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
    },
    {
      "name": "CVE-2019-15847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
    },
    {
      "name": "CVE-2023-29491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
    },
    {
      "name": "CVE-2019-20367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
    },
    {
      "name": "CVE-2023-46284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
    },
    {
      "name": "CVE-2023-35945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
    },
    {
      "name": "CVE-2023-32665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2021-3997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
    },
    {
      "name": "CVE-2021-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
    },
    {
      "name": "CVE-2023-26604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
    },
    {
      "name": "CVE-2019-1010022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
    },
    {
      "name": "CVE-2020-6096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
    },
    {
      "name": "CVE-2021-33294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-48428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2019-17498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
    },
    {
      "name": "CVE-2023-49691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
    },
    {
      "name": "CVE-2023-25139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
    },
    {
      "name": "CVE-2023-29499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
    },
    {
      "name": "CVE-2020-1751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
    },
    {
      "name": "CVE-2019-1010025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
    },
    {
      "name": "CVE-2019-12290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
    },
    {
      "name": "CVE-2019-18224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
    },
    {
      "name": "CVE-2018-18928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
    },
    {
      "name": "CVE-2022-27943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2021-32292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
    },
    {
      "name": "CVE-2020-21047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
    },
    {
      "name": "CVE-2021-46195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
    },
    {
      "name": "CVE-2023-38380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
    },
    {
      "name": "CVE-2023-28531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
    },
    {
      "name": "CVE-2020-11501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2022-47374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
    },
    {
      "name": "CVE-2023-46281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2020-15801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
    },
    {
      "name": "CVE-2022-46141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
    },
    {
      "name": "CVE-2023-34969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
    },
    {
      "name": "CVE-2020-13529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
    },
    {
      "name": "CVE-2023-27371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
    },
    {
      "name": "CVE-2023-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2019-9923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
    },
    {
      "name": "CVE-2020-13777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2020-14422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
    },
    {
      "name": "CVE-2023-32636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
    },
    {
      "name": "CVE-2021-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
    },
    {
      "name": "CVE-2018-19591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
    },
    {
      "name": "CVE-2022-48560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
    }
  ],
  "initial_release_date": "2023-12-12T00:00:00",
  "last_revision_date": "2023-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-1015",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
    }
  ]
}

CVE-2019-17595

Vulnerability from fstec - Published: 13.10.2019

Title

Уязвимость функции fmt_entry function библиотеки ncurses, позволяющая нарушителю раскрыть защищаемую информацию и вызвать отказ в обслуживании

Description

Уязвимость функции fmt_entry function (tinfo/comp_hash.c) библиотеки ncurses связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию и вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Vendor

Novell Inc., Сообщество свободного программного обеспечения

Software Name

Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Basesystem, OpenSUSE Leap, SUSE CaaS Platform, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Legacy Software, SUSE Linux Enterprise Module for Open Buildservice Development Tools, ncurses

Software Version

12 SP4 (Suse Linux Enterprise Desktop), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Software Development Kit), 12 SP4 (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Module for Basesystem), 15 SP1 (SUSE Linux Enterprise Module for Basesystem), 15.0 (OpenSUSE Leap), 3.0 (SUSE CaaS Platform), 15 (SUSE Linux Enterprise Module for Development Tools), 15 SP1 (SUSE Linux Enterprise Module for Development Tools), 15 SP1 (SUSE Linux Enterprise Module for Legacy Software), 15 (SUSE Linux Enterprise Module for Legacy Software), 15 SP1 (SUSE Linux Enterprise Module for Open Buildservice Development Tools), 15.1 (OpenSUSE Leap), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 12 SP5 (SUSE Linux Enterprise Software Development Kit), до 6.1.20191012 (ncurses)

Possible Mitigations

Использование рекомендаций: Для ncurses: Обновление библиотеки ncurses до актуальной версии Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2019-17595/

Reference

https://www.suse.com/security/cve/CVE-2019-17595/ https://nvd.nist.gov/vuln/detail/CVE-2019-17595 https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html

CWE

CWE-125

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12 SP4 (Suse Linux Enterprise Desktop), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Software Development Kit), 12 SP4 (Suse Linux Enterprise Server), 15 (SUSE Linux Enterprise Module for Basesystem), 15 SP1 (SUSE Linux Enterprise Module for Basesystem), 15.0 (OpenSUSE Leap), 3.0 (SUSE CaaS Platform), 15 (SUSE Linux Enterprise Module for Development Tools), 15 SP1 (SUSE Linux Enterprise Module for Development Tools), 15 SP1 (SUSE Linux Enterprise Module for Legacy Software), 15 (SUSE Linux Enterprise Module for Legacy Software), 15 SP1 (SUSE Linux Enterprise Module for Open Buildservice Development Tools), 15.1 (OpenSUSE Leap), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 12 SP5 (SUSE Linux Enterprise Software Development Kit), \u0434\u043e 6.1.20191012 (ncurses)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f ncurses:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 ncurses \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439  \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-17595/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.10.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.04.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.04.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-01854",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-17595",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, SUSE Linux Enterprise Module for Basesystem, OpenSUSE Leap, SUSE CaaS Platform, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Legacy Software, SUSE Linux Enterprise Module for Open Buildservice Development Tools, ncurses",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. OpenSUSE Leap 15.0 , Novell Inc. OpenSUSE Leap 15.1 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 fmt_entry function \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 ncurses, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 fmt_entry function (tinfo/comp_hash.c) \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 ncurses \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.suse.com/security/cve/CVE-2019-17595/\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-17595\nhttps://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html\nhttps://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,4)"
}

CNVD-2020-13675

Vulnerability from cnvd - Published: 2020-02-26

Title

ncurses缓冲区溢出漏洞（CNVD-2020-13675）

Description

ncurses是一个字符终端处理库，它能够提供一系列函数以供用户调用并生成基于文本的用户界面。 ncurses 6.1-20191012之前版本中的terminfo库的tinfo/comp_hash.c文件的‘fmt_entry’函数存在缓冲区溢出漏洞，该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作，攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

Severity

中

Patch Name

ncurses缓冲区溢出漏洞（CNVD-2020-13675）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-17595

Impacted products

Name
Gnu ncurses <6.1-20191012

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-17595",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-17595"
    }
  },
  "description": "ncurses\u662f\u4e00\u4e2a\u5b57\u7b26\u7ec8\u7aef\u5904\u7406\u5e93\uff0c\u5b83\u80fd\u591f\u63d0\u4f9b\u4e00\u7cfb\u5217\u51fd\u6570\u4ee5\u4f9b\u7528\u6237\u8c03\u7528\u5e76\u751f\u6210\u57fa\u4e8e\u6587\u672c\u7684\u7528\u6237\u754c\u9762\u3002\n\nncurses 6.1-20191012\u4e4b\u524d\u7248\u672c\u4e2d\u7684terminfo\u5e93\u7684tinfo/comp_hash.c\u6587\u4ef6\u7684\u2018fmt_entry\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-13675",
  "openTime": "2020-02-26",
  "patchDescription": "ncurses\u662f\u4e00\u4e2a\u5b57\u7b26\u7ec8\u7aef\u5904\u7406\u5e93\uff0c\u5b83\u80fd\u591f\u63d0\u4f9b\u4e00\u7cfb\u5217\u51fd\u6570\u4ee5\u4f9b\u7528\u6237\u8c03\u7528\u5e76\u751f\u6210\u57fa\u4e8e\u6587\u672c\u7684\u7528\u6237\u754c\u9762\u3002\r\n\r\nncurses 6.1-20191012\u4e4b\u524d\u7248\u672c\u4e2d\u7684terminfo\u5e93\u7684tinfo/comp_hash.c\u6587\u4ef6\u7684\u2018fmt_entry\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ncurses\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-13675\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Gnu ncurses \u003c6.1-20191012"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-17595",
  "serverity": "\u4e2d",
  "submitTime": "2019-10-15",
  "title": "ncurses\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-13675\uff09"
}

GSD-2019-17595

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Aliases

CVE-2019-17595

Aliases

CVE-2019-17595

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-17595",
    "description": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
    "id": "GSD-2019-17595",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-17595.html",
      "https://access.redhat.com/errata/RHSA-2021:4426",
      "https://advisories.mageia.org/CVE-2019-17595.html",
      "https://linux.oracle.com/cve/CVE-2019-17595.html",
      "https://ubuntu.com/security/CVE-2019-17595"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-17595"
      ],
      "details": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
      "id": "GSD-2019-17595",
      "modified": "2023-12-13T01:23:44.567728Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-17595",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html",
            "refsource": "MISC",
            "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
          },
          {
            "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html",
            "refsource": "MISC",
            "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
          },
          {
            "name": "openSUSE-SU-2019:2551",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
          },
          {
            "name": "openSUSE-SU-2019:2550",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
          },
          {
            "name": "GLSA-202101-28",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202101-28"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17595"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
            },
            {
              "name": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
            },
            {
              "name": "openSUSE-SU-2019:2550",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
            },
            {
              "name": "openSUSE-SU-2019:2551",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
            },
            {
              "name": "GLSA-202101-28",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202101-28"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.5
        }
      },
      "lastModifiedDate": "2021-02-08T20:52Z",
      "publishedDate": "2019-10-14T21:15Z"
    }
  }
}

GHSA-MHRH-92MR-7RW4

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58

Details

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-17595"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-14T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.",
  "id": "GHSA-mhrh-92mr-7rw4",
  "modified": "2022-05-24T16:58:47Z",
  "published": "2022-05-24T16:58:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17595"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-28"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-17595 (GCVE-0-2019-17595)

Vulnerability from osv_almalinux

Solution

Solution

Tags

Sightings

Nomenclature