Vulnerability Name: | CVE-2014-8176 (CCN-103782) |
Assigned: | 2014-10-10 |
Published: | 2015-06-11 |
Updated: | 2022-12-13 |
Summary: | The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data. |
CVSS v3 Severity: | 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): Low Availibility (A): Low | 7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): High |
|
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P) 4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P) 3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial |
|
Vulnerability Consequences: | Gain Access |
References: | Source: MITRE Type: CNA CVE-2014-8176
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: RHSA-2016-2957 Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Cisco Security Advisory ID: cisco-sa-20150612-openssl Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: IBM Security Bulletin 1963438 Vulnerabilities in OpenSSL including Logjam affect IBM Security Identity Governance
Source: CCN Type: IBM Security Bulletin T1022444 PowerKVM is affected by OpenSSL vulnerabilities (multiple CVEs)
Source: CCN Type: IBM Security Bulletin T1022527 Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin T1022647 Vulnerabilities in OpenSSL affect IBM Cloud Manager with OpenStack (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin T1022655 Vulnerabilities in OpenSSL affect IBM SmartCloud Entry (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin T1022724 OpenSSL vulnerabilities affect IBM SmartCloud Entry
Source: CCN Type: IBM Security Bulletin T1023117 Multiple Vulnerabilities in OpenSSL including Logjam affect IBM Flex System Manager (FSM)
Source: CCN Type: IBM Security Bulletin N1020840 Vulnerabilities in OpenSSL including Logjam affect IBM i
Source: CCN Type: IBM Security Bulletin N1020862 Vulnerabilities in Open SSL affect Power Hardware Management Console (CVE-2014-8176,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216)
Source: CCN Type: IBM Security Bulletin S1005313 Vulnerabilities in OpenSSL affect IBM SONAS (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin S1005314 Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin S1009687 (Data ONTAP) Vulnerabilities in OpenSSL affect multiple N series products
Source: CCN Type: IBM Security Bulletin 1959308 Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin 1959518 Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js
Source: CCN Type: IBM Security Bulletin 1960157 Vulnerabilities in OpenSSL affected IBM Workflow for Bluemix (CVE-2015-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin 1961438 Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js in IBM Bluemix
Source: CCN Type: IBM Security Bulletin 1961454 Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection
Source: CCN Type: IBM Security Bulletin 1961569 Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790)
Source: CCN Type: IBM Security Bulletin 1961837 Vulnerabilities in OpenSSL including Logjam affect Rational Software Architect and Rational Software Architect for Websphere Software
Source: CCN Type: IBM Security Bulletin 1962039 Multiple vulnerabilities in OpenSSL affect IBM Security Network Intrusion Prevention System
Source: CCN Type: IBM Security Bulletin 1962519 IBM Security AppScan Enterprise is affected by multiple vulnerabilities
Source: CCN Type: IBM Security Bulletin 1962520 IBM Rational Policy Tester is affected by multiple vulnerabilities
Source: CCN Type: IBM Security Bulletin 1962623 Vulnerabilities in OpenSSL including Logjam affect IBM Security Access Manager for Mobile.
Source: CCN Type: IBM Security Bulletin 1962726 IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities
Source: CCN Type: IBM Security Bulletin 1963096 Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web
Source: CCN Type: IBM Security Bulletin 1963232 Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Guardium
Source: CCN Type: IBM Security Bulletin 1963498 Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server
Source: CCN Type: IBM Security Bulletin 1963954 Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin 1963964 Multiple Security Vulnerabilities Fixed in IBM Security Privileged Identity Manager
Source: CCN Type: IBM Security Bulletin 1964030 Vulnerabilities in OpenSSL affect IBM Security Network Controller (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin 1964033 Vulnerabilities in OpenSSL affect Proventia Network Active Bypass (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Source: CCN Type: IBM Security Bulletin 1966381 Vulnerabilities in OpenSSLincluding Logjam affect IBM Workload Deployer. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)
Source: CCN Type: IBM Security Bulletin 1966481 Multiple vulnerabilities in OpenSSL affect IBM Campaign, IBM Contact Optimization
Source: CCN Type: IBM Security Bulletin 1966484 Vulnerabilities in OpenSSL affect IBM NetInsight (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1793)
Source: CCN Type: IBM Security Bulletin 1966847 Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Source: CCN Type: IBM Security Bulletin 1966873 Vulnerabilities in OpenSSL including Logjam affect the Cordova platform packaged with Rational Application Developer affecting Rational Developer for i and Rational Developer for AIX and Linux
Source: CCN Type: IBM Security Bulletin 1968724 Vulnerabilities in OpenSSL affect IBM Rational Team Concert Build Agent (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176)
Source: CCN Type: IBM Security Bulletin 1968871 Vulnerability in OpenSSL affects IBM Security Proventia Network Enterprise Scanner (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176)
Source: CCN Type: IBM Security Bulletin 1969655 Vulnerabilities in OpenSSL including Logjam affect IBM PureApplication System. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)
Source: CCN Type: BID-75159 OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: XF Type: UNKNOWN openssl-cve20148176-code-exec(103782)
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: Exploit secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Cisco Security Advisory cisco-sa-20150612-openssl Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
Source: CCN Type: IBM Security Bulletin 5098960 IBM Flex System Chassis Management Module (CMM) is affected by multiple vulnerabilities in OpenSSL including Logjam
Source: CCN Type: IBM Security Bulletin 5099032 Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2)
Source: CCN Type: OpenSSL Security Advisory [11 Jun 2015] OpenSSL Security Advisory
Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com
Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-8176
|
Vulnerable Configuration: | Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*Configuration RedHat 5: cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*Configuration RedHat 6: cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*Configuration RedHat 7: cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*Configuration RedHat 8: cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*Configuration RedHat 9: cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*Configuration RedHat 10: cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:* Configuration CCN 1: cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*OR cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*AND cpe:/a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:rational_policy_tester:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:infosphere_guardium:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.3:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.4:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.5:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:8.6:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0:*:web:*:*:*:*:*OR cpe:/a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*OR cpe:/o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:*OR cpe:/a:ibm:proventia_network_enterprise_scanner:2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:9.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:9.1.0.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:9.1.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:smartcloud_entry:3.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:11.3:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.2:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.0.2:*:web:*:*:*:*:*OR cpe:/a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.4:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.2:*:*:*:*:*:*:*OR cpe:/a:ibm:sdk:1.1:*:*:*:node.js:*:*:*OR cpe:/a:ibm:cloud_manager:4.1.0:*:*:*:*:openstack:*:*OR cpe:/o:ibm:security_network_protection_firmware:5.2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:general_parallel_file_system:3.5.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:9.0.1::~~enterprise~~~:*:*:*:*:*OR cpe:/a:ibm:infosphere_guardium:9.1:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:web:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:web:*:*:*:*:*OR cpe:/a:ibm:sterling_connect:express:1.5:*:*:*:unix:*:*:*OR cpe:/o:ibm:i:5.4.0:*:*:*:*:*:*:*OR cpe:/o:ibm:i:6.1.0:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.1.0:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_connect:express:1.4:*:*:*:unix:*:*:*OR cpe:/a:ibm:workload_deployer:3.1.0.7:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1.1:*:*:*:*:*:*:*OR cpe:/o:ibm:i:5.3.0:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_software_architect:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_software_architect:9.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_developer_for_i:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:2.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:1.1.0.5:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.1:*:web:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.0.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_manager:7:*:*:*:*:*:*:*OR cpe:/a:ibm:sdk:1.1:*:node.js:*:bluemix:*:*:*OR cpe:/a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_developer_for_i:9.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_developer_for_i:9.1.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.1.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:workflow:-:*:*:*:*:bluemix:*:*OR cpe:/a:ibm:infosphere_guardium:9.5:*:*:*:*:*:*:*OR cpe:/a:ibm:cloud_manager:4.2.0:*:*:*:*:openstack:*:*OR cpe:/a:ibm:security_appscan:9.0.2:-:enterprise:*:*:*:*:*OR cpe:/a:ibm:campaign:9.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.1.0.1:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.1.2:*:web:*:*:*:*:*OR cpe:/a:ibm:sdk:1.2:*:*:*:node.js:*:*:*OR cpe:/a:ibm:infosphere_guardium:10.0:*:*:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:*:*:mobile:*:*:*:*:*OR cpe:/o:ibm:security_access_manager:8.0.1.3:*:web:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:2.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.1.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_software_architect:9.1.2:*:*:*:*:*:*:*OR cpe:/a:ibm:storwize_v7000_unified_software:1.5.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*OR cpe:/h:ibm:flex_system_manager_node:*:*:*:*:*:*:*:*OR cpe:/a:ibm:pureapplication_system:2.1.1.0:*:*:*:*:*:*:*OR cpe:/a:redhat:jboss_core_services:2.4.6:*:*:*:apache_http_server:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
openssl openssl 0.9.8
openssl openssl 1.0.0
openssl openssl 1.0.2
openssl openssl 1.0.1
ibm infosphere information server 8.1
ibm infosphere information server 8.5
ibm security appscan 8.5
ibm rational policy tester 8.5
ibm infosphere guardium 8.2
ibm security appscan 8.6
ibm infosphere guardium 9.0
ibm rational team concert 4.0
ibm infosphere information server 8.7
ibm infosphere information server 9.1
ibm security network intrusion prevention system 4.3
ibm security network intrusion prevention system 4.4
ibm security network intrusion prevention system 4.5
ibm sterling b2b integrator 5.1
ibm rational team concert 4.0.1
ibm sterling b2b integrator 5.2
ibm security appscan 8.7.0.0 -
ibm rational team concert 4.0.0.1
ibm rational team concert 4.0.0.2
ibm rational team concert 4.0.2
ibm rational team concert 4.0.3
ibm smartcloud provisioning 2.1
ibm smartcloud provisioning 2.1.0.1
ibm campaign 8.6
ibm campaign 9.0
ibm campaign 9.1
ibm rational team concert 3.0.1.6
ibm security access manager 7.0
ibm sterling b2b integrator 5.2.4
ibm security access manager 8.0
ibm security appscan 8.8
ibm rational team concert 4.0.4
ibm rational team concert 4.0.5
ibm rational team concert 4.0.6
ibm rational team concert 5.0
ibm security network protection firmware 5.3
ibm proventia network enterprise scanner 2.3
ibm rational application developer 9.1
ibm rational application developer 9.1.0.1
ibm rational application developer 9.1.1
ibm smartcloud entry 3.2
ibm security privileged identity manager 1.0.1
ibm infosphere information server 11.3
ibm sterling b2b integrator 5.2.1
ibm sterling b2b integrator 5.2.2
ibm sterling b2b integrator 5.2.3
ibm sterling b2b integrator 5.2.4.1
ibm sterling b2b integrator 5.2.4.2
ibm security access manager 8.0.0.2
ibm security appscan 9.0
ibm pureapplication system 1.1.0.0
ibm pureapplication system 1.1.0.1
ibm pureapplication system 1.1.0.2
ibm pureapplication system 1.1.0.3
ibm pureapplication system 1.1.0.4
ibm security network intrusion prevention system 4.6
ibm security network intrusion prevention system 4.6.1
ibm security network intrusion prevention system 4.6.2
ibm sdk 1.1
ibm cloud manager 4.1.0
ibm security network protection firmware 5.2.0
ibm smartcloud provisioning 2.1.0.2
ibm smartcloud provisioning 2.1.0.3
ibm general parallel file system 3.5.0
ibm security appscan 9.0.1
ibm infosphere guardium 9.1
ibm security access manager 8.0.0.4
ibm security access manager 8.0.0.5
ibm sterling connect:express 1.5
ibm i 5.4.0
ibm i 6.1.0
ibm i 7.1.0
ibm sterling connect:express 1.4
ibm workload deployer 3.1.0.7
ibm i 7.2.0
ibm security privileged identity manager 1.0.1.1
ibm i 5.3.0
ibm pureapplication system 2.0
ibm rational software architect 9.1
ibm rational software architect 9.1.1
ibm powerkvm 2.1
ibm rational developer for i 9.1
ibm security privileged identity manager 2.0.0
ibm pureapplication system 1.1.0.5
ibm security access manager 8.0.1
ibm rational team concert 4.0.7
ibm rational team concert 5.0.2
ibm pureapplication system 2.0.0.1
ibm security identity manager 7
ibm sdk 1.1
ibm rational team concert 5.0.1
ibm rational developer for i 9.1.1
ibm rational developer for i 9.1.1.1
ibm pureapplication system 2.1.0.0
ibm workflow -
ibm infosphere guardium 9.5
ibm cloud manager 4.2.0
ibm security appscan 9.0.2 -
ibm campaign 9.1.1
ibm pureapplication system 2.1.0.1
ibm security access manager 8.0.1.2
ibm sdk 1.2
ibm infosphere guardium 10.0
ibm security access manager for mobile *
ibm security access manager 8.0.1.3
ibm security privileged identity manager 2.0.1
ibm security identity governance and intelligence 5.1.1
ibm pureapplication system 2.1.0.2
ibm rational software architect 9.1.2
ibm storwize v7000 unified software 1.5.2.1
ibm rational team concert 6.0
ibm flex system manager node *
ibm pureapplication system 2.1.1.0
redhat jboss core services 2.4.6