Vulnerability Name:

CVE-2019-16869 (CCN-167672)

Assigned:2019-09-16
Published:2019-09-16
Updated:2022-03-30
Summary:Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-444
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2019-16869

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:3892

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:3901

Source: REDHAT
Type: Third Party Advisory
RHSA-2020:0159

Source: REDHAT
Type: Third Party Advisory
RHSA-2020:0160

Source: REDHAT
Type: Third Party Advisory
RHSA-2020:0161

Source: REDHAT
Type: Third Party Advisory
RHSA-2020:0164

Source: REDHAT
Type: Third Party Advisory
RHSA-2020:0445

Source: XF
Type: UNKNOWN
netty-cve201916869-request-smuggling(167672)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/netty/netty/compare/netty-4.1.41.Final...netty-4.1.42.Final

Source: CCN
Type: netty GIT Repository
http request smuggling, cause by obfuscating TE header #9571

Source: MISC
Type: Exploit, Issue Tracking, Patch, Third Party Advisory
https://github.com/netty/netty/issues/9571

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191219 [jira] [Commented] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191206 [jira] [Assigned] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-dev] 20190930 [jira] [Created] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty-3.10.6.Final.jar: CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20191003 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191227 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20191001 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-commits] 20191003 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3563: Update Netty to fix CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-dev] 20191001 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191220 [jira] [Resolved] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191206 [jira] [Updated] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191220 [jira] [Commented] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191220 [jira] [Issue Comment Deleted] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20190930 [jira] [Updated] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty with CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20190930 [jira] [Updated] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191220 [jira] [Comment Edited] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191219 [jira] [Created] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20190930 [jira] [Created] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty-3.10.6.Final.jar: CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20191008 [jira] [Resolved] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191206 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191206 [jira] [Resolved] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20191008 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191209 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191220 [jira] [Reopened] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-dev] 20191002 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-commits] 20191003 [zookeeper] branch branch-3.5.6 updated: ZOOKEEPER-3563: Update Netty to fix CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-commits] 20191003 [zookeeper] branch master updated: ZOOKEEPER-3563: Update Netty to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-issues] 20190930 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[olingo-dev] 20191206 [jira] [Created] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[tinkerpop-commits] 20191022 [tinkerpop] branch tp34 updated: Bump to Netty 4.1.42 fixes CVE-2019-16869 - CTR

Source: MLIST
Type: Mailing List, Third Party Advisory
[zookeeper-dev] 20190930 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2

Source: MLIST
Type: Mailing List, Third Party Advisory
[spark-issues] 20191219 [jira] [Updated] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15418) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5 for Cassendra 2.2.5

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[camel-commits] 20201120 [camel] branch camel-2.25.x updated: Updating Netty to 4.1.48.Final to fix some CVEs (e.g. CVE-2019-16869, CVE-2019-20444)

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200225 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20210526 [jira] [Updated] (CASSANDRA-16699) Security vulnerability CVE-2020-7238 for Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20210924 [jira] [Commented] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20200604 [jira] [Created] (CASSANDRA-15856) Security vulnerabilities with dependency jars of Cassandra 3.11.6

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5

Source: MLIST
Type: Mailing List, Third Party Advisory
[pulsar-commits] 20210121 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444

Source: MLIST
Type: Mailing List, Third Party Advisory
[rocketmq-dev] 20201224 [GitHub] [rocketmq] crazywen opened a new pull request #2517: fix CVE-2019-16869, CVE-2018-8020

Source: MLIST
Type: Mailing List, Third Party Advisory
[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200310 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-commits] 20200309 [hadoop] branch trunk updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200219 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20200218 [jira] [Created] (CASSANDRA-15590) Upgrade io.netty_netty-all dependency to fix security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[flink-issues] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink

Source: MLIST
Type: Mailing List, Third Party Advisory
[rocketmq-dev] 20201224 [GitHub] [rocketmq] codecov-io commented on pull request #2517: fix CVE-2019-16869, CVE-2018-8020

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200309 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200219 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,

Source: MLIST
Type: Mailing List, Third Party Advisory
[cassandra-commits] 20210526 [jira] [Created] (CASSANDRA-16699) Security vulnerability CVE-2020-7238 for Netty

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-commits] 20200309 [hadoop] branch branch-3.1 updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[rocketmq-dev] 20201224 [GitHub] [rocketmq] coveralls commented on pull request #2517: fix CVE-2019-16869, CVE-2018-8020

Source: MLIST
Type: Mailing List, Third Party Advisory
[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list

Source: MLIST
Type: Mailing List, Third Party Advisory
[pulsar-commits] 20210122 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-commits] 20200309 [hadoop] branch branch-3.2 updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200219 [jira] [Assigned] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[druid-commits] 20200131 [GitHub] [druid] ccaominh commented on a change in pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200224 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[hadoop-common-issues] 20200309 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869

Source: MLIST
Type: Mailing List, Third Party Advisory
[flink-dev] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20190930 [SECURITY] [DLA 1941-1] netty security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20200219 [SECURITY] [DLA 2110-1] netty-3.9 security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20200904 [SECURITY] [DLA 2365-1] netty-3.9 security update

Source: BUGTRAQ
Type: Issue Tracking, Mailing List, Third Party Advisory
20200105 [SECURITY] [DSA 4597-1] netty security update

Source: UBUNTU
Type: Third Party Advisory
USN-4532-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4597

Source: CCN
Type: IBM Security Bulletin 1109787 (Transparent Cloud Tiering)
IBM Transparent Cloud Tiering is affected by Netty vulnerability

Source: CCN
Type: IBM Security Bulletin 1282960 (Spectrum Control Standard Edition)
Netty vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ( CVE-2019-16869)

Source: CCN
Type: IBM Security Bulletin 2801607 (Tivoli Netcool/OMNIbus)
A vulnerability have been identified in Netty shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library (CVE-2019-16869)

Source: CCN
Type: IBM Security Bulletin 2893881 (Netcool Agile Service Manager)
Vulnerability in Netty affects IBM Netcool Agile Service Manager

Source: CCN
Type: IBM Security Bulletin 5224569 (Operations Analytics Predictive Insights)
A vulnerability in netty affects IBM Operations Analytics Predictive Insights (CVE-2019-16869)

Source: CCN
Type: IBM Security Bulletin 5692628 (Rational Test Virtualization Server)
Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench affected by Netty vulnerabilities (CVE-2020-7238, CVE-2019-16869, CVE-2019-20445, CVE-2019-20444)

Source: CCN
Type: IBM Security Bulletin 6173925 (Monitoring)
A vulnerability in Netty affects the IBM Performance Management product (CVE-2019-16869)

Source: CCN
Type: IBM Security Bulletin 6198380 (DB2 for Linux- UNIX and Windows)
Multiple vulnerabilities in dependent libraries affect IBM Db2 leading to denial of service or privilege escalation.

Source: CCN
Type: IBM Security Bulletin 6210366 (Monitoring)
Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product

Source: CCN
Type: IBM Security Bulletin 6320057 (Security Guardium Insights)
IBM Security Guardium Insights is affected by Components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6364965 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty

Source: CCN
Type: IBM Security Bulletin 6444895 (Db2 Warehouse)
IBM Db2 Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2

Source: CCN
Type: IBM Security Bulletin 6491163 (Planning Analytics)
IBM Planning Analytics Workspace is affected by security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6495959 (Sterling B2B Integrator)
Netty Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6520510 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6605881 (PureData System for Operational Analytics)
Multiple security vulnerabilities have been identified in IBM DB2 shipped with IBM PureData System for Operational Analytics

Source: CCN
Type: IBM Security Bulletin 6607599 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6830983 (Sterling Order Management)
IBM Sterling Order Management Netty 4.1.34 vulnerablity

Source: CCN
Type: IBM Security Bulletin 6980407 (Sterling Order Management)
Netty Vulnerabilites 4.0.37

Source: CCN
Type: IBM Security Bulletin 7001867 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-16869

Vulnerable Configuration:Configuration 1:
  • cpe:/a:netty:netty:*:*:*:*:*:*:*:* (Version < 4.1.42)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

    • Configuration 4:
  • cpe:/a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:operations_analytics_predictive_insights:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transparent_cloud_tiering:1.1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transparent_cloud_tiering:1.1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_test_workbench:9.2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:netcool_agile_service_manager:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transparent_cloud_tiering:1.1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transparent_cloud_tiering:1.1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*
  • OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*
  • OR cpe:/a:ibm:security_guardium_insights:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_discovery:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.disco:def:2019168690000000
    V
    		CVE-2019-16869 on Ubuntu 19.04 (disco) - medium.
    2019-09-26
    oval:com.ubuntu.bionic:def:2019168690000000
    V
    		CVE-2019-16869 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-09-26
    oval:com.ubuntu.xenial:def:2019168690000000
    V
    		CVE-2019-16869 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-09-26
    BACK
    netty netty *
    debian debian linux 8.0
    debian debian linux 9.0
    debian debian linux 10.0
    canonical ubuntu linux 18.04
    redhat jboss enterprise application platform 7.2
    redhat jboss enterprise application platform 7.3
    redhat jboss enterprise application platform 7.4
    redhat enterprise linux 6.0
    redhat enterprise linux 7.0
    redhat enterprise linux 8.0
    ibm tivoli netcool/omnibus 8.1.0
    ibm db2 11.1
    ibm db2 11.1
    ibm db2 11.1
    ibm operations analytics predictive insights 1.3.6
    ibm monitoring 8.1.4
    ibm transparent cloud tiering 1.1.1.0
    ibm transparent cloud tiering 1.1.5.0
    ibm rational test workbench 9.2.1.1
    ibm netcool agile service manager 1.1
    ibm sterling b2b integrator 6.0.1.0
    ibm db2 11.1
    ibm db2 11.1
    ibm db2 11.1
    ibm db2 11.5
    ibm db2 11.5
    ibm db2 11.5
    ibm watson discovery 2.0.0
    ibm transparent cloud tiering 1.1.3.10
    ibm transparent cloud tiering 1.1.7.2
    ibm cloud transformation advisor 2.0.1
    ibm db2 11.5
    ibm db2 11.5
    ibm db2 11.5
    ibm security guardium insights 2.0.1
    ibm watson discovery 2.1.4
    ibm sterling b2b integrator 6.1.0.0
    ibm planning analytics 2.0
    ibm cognos analytics 11.2.0
    ibm cognos analytics 11.1.7
    ibm cloud pak for security 1.10.0.0