Vulnerability Name: CVE-2014-8176 (CCN-103782) Assigned: 2014-10-10 Published: 2015-06-11 Updated: 2022-12-13 Summary: The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data. CVSS v3 Severity: 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): RequiredScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P )5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P )4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P )3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2014-8176 Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: CCN Type: RHSA-2016-2957Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: CCN Type: Cisco Security Advisory ID: cisco-sa-20150612-opensslMultiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: CCN Type: IBM Security Bulletin 1963438Vulnerabilities in OpenSSL including Logjam affect IBM Security Identity Governance Source: CCN Type: IBM Security Bulletin T1022444 PowerKVM is affected by OpenSSL vulnerabilities (multiple CVEs) Source: CCN Type: IBM Security Bulletin T1022527Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin T1022647Vulnerabilities in OpenSSL affect IBM Cloud Manager with OpenStack (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792) Source: CCN Type: IBM Security Bulletin T1022655Vulnerabilities in OpenSSL affect IBM SmartCloud Entry (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792) Source: CCN Type: IBM Security Bulletin T1022724OpenSSL vulnerabilities affect IBM SmartCloud Entry Source: CCN Type: IBM Security Bulletin T1023117Multiple Vulnerabilities in OpenSSL including Logjam affect IBM Flex System Manager (FSM) Source: CCN Type: IBM Security Bulletin N1020840Vulnerabilities in OpenSSL including Logjam affect IBM i Source: CCN Type: IBM Security Bulletin N1020862Vulnerabilities in Open SSL affect Power Hardware Management Console (CVE-2014-8176,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216) Source: CCN Type: IBM Security Bulletin S1005313Vulnerabilities in OpenSSL affect IBM SONAS (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin S1005314Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin S1009687 (Data ONTAP)Vulnerabilities in OpenSSL affect multiple N series products Source: CCN Type: IBM Security Bulletin 1959308Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin 1959518Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js Source: CCN Type: IBM Security Bulletin 1960157Vulnerabilities in OpenSSL affected IBM Workflow for Bluemix (CVE-2015-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin 1961438Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js in IBM Bluemix Source: CCN Type: IBM Security Bulletin 1961454Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection Source: CCN Type: IBM Security Bulletin 1961569Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790) Source: CCN Type: IBM Security Bulletin 1961837Vulnerabilities in OpenSSL including Logjam affect Rational Software Architect and Rational Software Architect for Websphere Software Source: CCN Type: IBM Security Bulletin 1962039Multiple vulnerabilities in OpenSSL affect IBM Security Network Intrusion Prevention System Source: CCN Type: IBM Security Bulletin 1962519IBM Security AppScan Enterprise is affected by multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 1962520IBM Rational Policy Tester is affected by multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 1962623Vulnerabilities in OpenSSL including Logjam affect IBM Security Access Manager for Mobile. Source: CCN Type: IBM Security Bulletin 1962726 IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 1963096Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web Source: CCN Type: IBM Security Bulletin 1963232Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Guardium Source: CCN Type: IBM Security Bulletin 1963498Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server Source: CCN Type: IBM Security Bulletin 1963954Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin 1963964Multiple Security Vulnerabilities Fixed in IBM Security Privileged Identity Manager Source: CCN Type: IBM Security Bulletin 1964030Vulnerabilities in OpenSSL affect IBM Security Network Controller (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin 1964033Vulnerabilities in OpenSSL affect Proventia Network Active Bypass (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) Source: CCN Type: IBM Security Bulletin 1966381Vulnerabilities in OpenSSLincluding Logjam affect IBM Workload Deployer. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000) Source: CCN Type: IBM Security Bulletin 1966481Multiple vulnerabilities in OpenSSL affect IBM Campaign, IBM Contact Optimization Source: CCN Type: IBM Security Bulletin 1966484Vulnerabilities in OpenSSL affect IBM NetInsight (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1793) Source: CCN Type: IBM Security Bulletin 1966847Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance Source: CCN Type: IBM Security Bulletin 1966873Vulnerabilities in OpenSSL including Logjam affect the Cordova platform packaged with Rational Application Developer affecting Rational Developer for i and Rational Developer for AIX and Linux Source: CCN Type: IBM Security Bulletin 1968724Vulnerabilities in OpenSSL affect IBM Rational Team Concert Build Agent (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176) Source: CCN Type: IBM Security Bulletin 1968871Vulnerability in OpenSSL affects IBM Security Proventia Network Enterprise Scanner (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176) Source: CCN Type: IBM Security Bulletin 1969655 Vulnerabilities in OpenSSL including Logjam affect IBM PureApplication System. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000) Source: CCN Type: BID-75159OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: XF Type: UNKNOWNopenssl-cve20148176-code-exec(103782) Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: Third Party Advisorysecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: secalert@redhat.com Type: Exploitsecalert@redhat.com Source: secalert@redhat.com Type: UNKNOWNsecalert@redhat.com Source: CCN Type: Cisco Security Advisory cisco-sa-20150612-opensslMultiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products Source: CCN Type: IBM Security Bulletin 5098960IBM Flex System Chassis Management Module (CMM) is affected by multiple vulnerabilities in OpenSSL including Logjam Source: CCN Type: IBM Security Bulletin 5099032Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2) Source: CCN Type: OpenSSL Security Advisory [11 Jun 2015]OpenSSL Security Advisory Source: secalert@redhat.com Type: Vendor Advisorysecalert@redhat.com Source: CCN Type: WhiteSource Vulnerability DatabaseCVE-2014-8176 Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:* Configuration RedHat 6 :cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:* Configuration RedHat 7 :cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:* Configuration RedHat 8 :cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:* Configuration RedHat 9 :cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:* Configuration RedHat 10 :cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:* Configuration CCN 1 :cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:* OR cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:* OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:* OR cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:* AND cpe:/a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:rational_policy_tester:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:infosphere_guardium:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.3:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.4:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.5:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:campaign:8.6:*:*:*:*:*:*:* OR cpe:/a:ibm:campaign:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:campaign:9.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0:*:web:*:*:*:*:* OR cpe:/a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:* OR cpe:/o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:* OR cpe:/a:ibm:proventia_network_enterprise_scanner:2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_application_developer:9.1:*:*:*:websphere:*:*:* OR cpe:/a:ibm:rational_application_developer:9.1.0.1:*:*:*:websphere:*:*:* OR cpe:/a:ibm:rational_application_developer:9.1.1:*:*:*:websphere:*:*:* OR cpe:/a:ibm:smartcloud_entry:3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_information_server:11.3:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.2:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.0.2:*:web:*:*:*:*:* OR cpe:/a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.2:*:*:*:*:*:*:* OR cpe:/a:ibm:sdk:1.1:*:*:*:node.js:*:*:* OR cpe:/a:ibm:cloud_manager:4.1.0:*:*:*:*:openstack:*:* OR cpe:/o:ibm:security_network_protection_firmware:5.2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:general_parallel_file_system:3.5.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_appscan:9.0.1::~~enterprise~~~:*:*:*:*:* OR cpe:/a:ibm:infosphere_guardium:9.1:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:web:*:*:*:*:* OR cpe:/a:ibm:sterling_connect:express:1.5:*:*:*:unix:*:*:* OR cpe:/o:ibm:i:5.4.0:*:*:*:*:*:*:* OR cpe:/o:ibm:i:6.1.0:*:*:*:*:*:*:* OR cpe:/o:ibm:i:7.1.0:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_connect:express:1.4:*:*:*:unix:*:*:* OR cpe:/a:ibm:workload_deployer:3.1.0.7:*:*:*:*:*:*:* OR cpe:/o:ibm:i:7.2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1.1:*:*:*:*:*:*:* OR cpe:/o:ibm:i:5.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_software_architect:9.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_software_architect:9.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_developer_for_i:9.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_privileged_identity_manager:2.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:1.1.0.5:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.1:*:web:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.0.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_manager:7:*:*:*:*:*:*:* OR cpe:/a:ibm:sdk:1.1:*:node.js:*:bluemix:*:*:* OR cpe:/a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_developer_for_i:9.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_developer_for_i:9.1.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.1.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:workflow:-:*:*:*:*:bluemix:*:* OR cpe:/a:ibm:infosphere_guardium:9.5:*:*:*:*:*:*:* OR cpe:/a:ibm:cloud_manager:4.2.0:*:*:*:*:openstack:*:* OR cpe:/a:ibm:security_appscan:9.0.2:-:enterprise:*:*:*:*:* OR cpe:/a:ibm:campaign:9.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.1.0.1:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.1.2:*:web:*:*:*:*:* OR cpe:/a:ibm:sdk:1.2:*:*:*:node.js:*:*:* OR cpe:/a:ibm:infosphere_guardium:10.0:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:*:*:mobile:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:8.0.1.3:*:web:*:*:*:*:* OR cpe:/a:ibm:security_privileged_identity_manager:2.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.1.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_software_architect:9.1.2:*:*:*:*:*:*:* OR cpe:/a:ibm:storwize_v7000_unified_software:1.5.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:* OR cpe:/h:ibm:flex_system_manager_node:*:*:*:*:*:*:*:* OR cpe:/a:ibm:pureapplication_system:2.1.1.0:*:*:*:*:*:*:* OR cpe:/a:redhat:jboss_core_services:2.4.6:*:*:*:apache_http_server:*:*:* Denotes that component is vulnerable Oval Definitions BACK
openssl openssl 0.9.8
openssl openssl 1.0.0
openssl openssl 1.0.2
openssl openssl 1.0.1
ibm infosphere information server 8.1
ibm infosphere information server 8.5
ibm security appscan 8.5
ibm rational policy tester 8.5
ibm infosphere guardium 8.2
ibm security appscan 8.6
ibm infosphere guardium 9.0
ibm rational team concert 4.0
ibm infosphere information server 8.7
ibm infosphere information server 9.1
ibm security network intrusion prevention system 4.3
ibm security network intrusion prevention system 4.4
ibm security network intrusion prevention system 4.5
ibm sterling b2b integrator 5.1
ibm rational team concert 4.0.1
ibm sterling b2b integrator 5.2
ibm security appscan 8.7.0.0 -
ibm rational team concert 4.0.0.1
ibm rational team concert 4.0.0.2
ibm rational team concert 4.0.2
ibm rational team concert 4.0.3
ibm smartcloud provisioning 2.1
ibm smartcloud provisioning 2.1.0.1
ibm campaign 8.6
ibm campaign 9.0
ibm campaign 9.1
ibm rational team concert 3.0.1.6
ibm security access manager 7.0
ibm sterling b2b integrator 5.2.4
ibm security access manager 8.0
ibm security appscan 8.8
ibm rational team concert 4.0.4
ibm rational team concert 4.0.5
ibm rational team concert 4.0.6
ibm rational team concert 5.0
ibm security network protection firmware 5.3
ibm proventia network enterprise scanner 2.3
ibm rational application developer 9.1
ibm rational application developer 9.1.0.1
ibm rational application developer 9.1.1
ibm smartcloud entry 3.2
ibm security privileged identity manager 1.0.1
ibm infosphere information server 11.3
ibm sterling b2b integrator 5.2.1
ibm sterling b2b integrator 5.2.2
ibm sterling b2b integrator 5.2.3
ibm sterling b2b integrator 5.2.4.1
ibm sterling b2b integrator 5.2.4.2
ibm security access manager 8.0.0.2
ibm security appscan 9.0
ibm pureapplication system 1.1.0.0
ibm pureapplication system 1.1.0.1
ibm pureapplication system 1.1.0.2
ibm pureapplication system 1.1.0.3
ibm pureapplication system 1.1.0.4
ibm security network intrusion prevention system 4.6
ibm security network intrusion prevention system 4.6.1
ibm security network intrusion prevention system 4.6.2
ibm sdk 1.1
ibm cloud manager 4.1.0
ibm security network protection firmware 5.2.0
ibm smartcloud provisioning 2.1.0.2
ibm smartcloud provisioning 2.1.0.3
ibm general parallel file system 3.5.0
ibm security appscan 9.0.1
ibm infosphere guardium 9.1
ibm security access manager 8.0.0.4
ibm security access manager 8.0.0.5
ibm sterling connect:express 1.5
ibm i 5.4.0
ibm i 6.1.0
ibm i 7.1.0
ibm sterling connect:express 1.4
ibm workload deployer 3.1.0.7
ibm i 7.2.0
ibm security privileged identity manager 1.0.1.1
ibm i 5.3.0
ibm pureapplication system 2.0
ibm rational software architect 9.1
ibm rational software architect 9.1.1
ibm powerkvm 2.1
ibm rational developer for i 9.1
ibm security privileged identity manager 2.0.0
ibm pureapplication system 1.1.0.5
ibm security access manager 8.0.1
ibm rational team concert 4.0.7
ibm rational team concert 5.0.2
ibm pureapplication system 2.0.0.1
ibm security identity manager 7
ibm sdk 1.1
ibm rational team concert 5.0.1
ibm rational developer for i 9.1.1
ibm rational developer for i 9.1.1.1
ibm pureapplication system 2.1.0.0
ibm workflow -
ibm infosphere guardium 9.5
ibm cloud manager 4.2.0
ibm security appscan 9.0.2 -
ibm campaign 9.1.1
ibm pureapplication system 2.1.0.1
ibm security access manager 8.0.1.2
ibm sdk 1.2
ibm infosphere guardium 10.0
ibm security access manager for mobile *
ibm security access manager 8.0.1.3
ibm security privileged identity manager 2.0.1
ibm security identity governance and intelligence 5.1.1
ibm pureapplication system 2.1.0.2
ibm rational software architect 9.1.2
ibm storwize v7000 unified software 1.5.2.1
ibm rational team concert 6.0
ibm flex system manager node *
ibm pureapplication system 2.1.1.0
redhat jboss core services 2.4.6