Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
109 vulnerabilities by 3com
VAR-200202-0006
Vulnerability from variot - Updated: 2024-07-23 22:34Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. HP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200202-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "snmp",
"version": "*"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.9,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "2000"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.0"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.6,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "snmp",
"scope": null,
"trust": 0.6,
"vendor": "snmp",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.3"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.22000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:snmp:snmp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 0.9
},
"cve": "CVE-2002-0012",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-0012",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0012",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. MPE/iX is an Internet-ready operating system for the HP e3000 class servers. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. It was previously known as UCD-SNMP. They typically notify the manager that some event has occured or otherwise provide information about the status of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP trap messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. \nHP has confirmed that large traps will cause OpenView Network Node Manager to crash. This may be due to an exploitable buffer overflow condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0012"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0012",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 3.2
},
{
"db": "BID",
"id": "4088",
"trust": 2.2
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4089",
"trust": 1.9
},
{
"db": "BID",
"id": "4132",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 1.4
},
{
"db": "BID",
"id": "5043",
"trust": 1.3
},
{
"db": "XF",
"id": "8177",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "BID",
"id": "4203",
"trust": 0.3
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"id": "VAR-200202-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.489583335
},
"last_update_date": "2024-07-23T22:34:48.127000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00964944"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "IBM Information for VU#107186",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/iafy-55krcv"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2001-163j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.6,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.6,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
},
{
"trust": 1.0,
"url": "http://www.iss.net/security_center/alerts/advise110.php"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/advisories/4211"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/5043"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1048"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a144"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a161"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0012"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8177"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 0.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.6,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4088"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/bid/4089"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-06-18T00:00:00",
"db": "BID",
"id": "5043"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-27T00:00:00",
"db": "BID",
"id": "4203"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4088"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"date": "2002-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"date": "2002-02-13T05:00:00",
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2009-07-11T13:56:00",
"db": "BID",
"id": "5043"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4203"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4088"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000033"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-007"
},
{
"date": "2018-10-12T21:30:46.750000",
"db": "NVD",
"id": "CVE-2002-0012"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "5043"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4203"
},
{
"db": "BID",
"id": "4088"
}
],
"trust": 1.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-201308-0274
Vulnerability from variot - Updated: 2024-04-19 22:49The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. Information disclosure vulnerabilities and denial of service vulnerabilities exist for multiple HP products. HP JD9##A, 3COM, H3C, etc. are all routers and switches of Hewlett-Packard (HP). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03880910
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03880910 Version: 1
HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
References: CVE-2013-4806 (CERT VU#229804 SSRT101224)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-4806 (AV:N/AC:M/Au:S/C:P/I:N/A:C) 7 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION HP has made the following software updates available to resolve the vulnerabilities in the following products:
Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
R5000_3.14p14 JD935A HP 5012 Router JD943A HP 5232 Router JD944A HP 5642 Router JD945A HP Router 5642 TAA JD946A HP 5682 Router N/A 3Com Router 5642 TAA (3C13755TAA) 3Com Router 5012 (3C13701) 3Com Router 5232 (3C13751) 3Com Router 5642 (3C13755) 3Com Router 5682 (3C13759)
R301X_1.40.23 JD916A HP 3012 Router JD919A HP 3018 Router N/A 3Com Router 3012 (3C13612) 3Com Router 3018 (3C13618)
S5600_3.10.R1702P39 JD391A HP S5600-50C Ethernet Switch JD392A HP S5600-50C-PWR Ethernet Switch JD393A HP S5600-26C Ethernet Switch JD394A HP S5600-26C-PWR Ethernet Switch JD395A HP S5600-26F Ethernet Switch H3C S5600-26C Ethernet Switch (0235A11F) H3C S5600-26C-PWR Ethernet Switch (0235A11G) H3C S5600-26F Ethernet Switch (0235A11H) H3C S5600-50C Ethernet Switch (0235A11D) H3C S5600-50C-PWR Ethernet Switch (0235A11E) N/A
E5500G_03.03.02p19 JE088A HP E5500-24G Switch JE089A HP E5500-24G Switch (TAA) JE090A HP E5500-48G Switch JE091A HP E5500-48G Switch (TAA) JE092A HP E5500-24G-PoE Switch JE093A HP E5500-24G-PoE Switch (TAA) JE094A HP E5500-48G-PoE Switch JE095A HP E5500-48G-PoE Switch (TAA) JE096A HP E5500-24G-SFP Switch JE097A HP E5500-24G-SPF Switch (TAA) JF551A HP SS4 SWITCH 5500G-EI 24PT (no psu) JF552A HP SS4 SWITCH 5500G-EI 48PT(no psu) JF553A HP SS4 5500G-EI 24 PORT SFP (no psu) N/A 3Com SS4 5500G-EI 24 Port SFP (NO PSU) (3CR17259-91) 3Com SS4 Switch 5500G-EI 24PT (NO PSU) (3CR17254-91) 3Com SS4 Switch 5500G-EI 48PT (NO PSU) (3CR17255-91) 3Com Switch 5500G-EI 24 Port (3CR17250-91) 3Com Switch 5500G-EI 48-Port (3CR17251-91) 3Com Switch 5500G-EI PWR 24-Port (3CR17252-91) 3Com Switch 5500G-EI PWR 48-Port (3CR17253-91) 3Com Switch 5500G-EI SFP 24-Port (3CR17258-91) 3Com TAA Compliant 5500G-EI 24-Port (3CR17250TAA-91) 3Com TAA Compliant 5500G-EI 48-Port (3CR17251TAA-91) 3Com TAA Compliant 5500G-EI PWR 24P (3CR17252TAA-91) 3Com TAA Compliant 5500G-EI PWR 48P (3CR17253TAA-91) 3Com TAA Compliant 5500G-EI SFP 24P (3CR17258TAA-91)
E5500_03.03.02p19 JE099A HP E5500-24 SI Switch JE100A HP E5500-48 SI Switch JE101A HP E5500-24 Switch JE102A HP E5500-24 Switch (TAA) JE103A HP E5500-48 Switch JE104A HP E5500-48 Switch (TAA) JE105A HP E5500-24-PoE Switch JE106A HP E5500-24-PoE Switch (TAA) JE107A HP E5500-48-PoE Switch JE108A HP E5500-48-PoE Switch (TAA) JE109A HP E5500-24-SFP Switch, JE110A HP E5500-24-SPF Switch (TAA) N/A 3Com SS4 Switch 5500-SI 28 Port (3CR17151-91) 3Com SS4 Switch 5500-SI 52 Port (3CR17152-91) 3Com Switch 5500-EI 28-Port (3CR17161-91) 3Com Switch 5500-EI 28-Port FX (3CR17181-91) 3Com Switch 5500-EI 52-Port (3CR17162-91) 3Com Switch 5500-EI PWR 28-Port (3CR17171-91) 3Com Switch 5500-EI PWR 52-Port (3CR17172-91) 3Com TAA Switch 5500-EI 28-Port (3CR17161TAA-91) 3Com TAA Switch 5500-EI 28-Port FX (3CR17181TAA-91) 3Com TAA Switch 5500-EI 52-Port (3CR17162TAA-91) 3Com TAA Switch 5500-EI PWR 28-Port (3CR17171TAA-91) 3Com TAA Switch 5500-EI PWR 52-Port (3CR17172TAA-91)
S3600.EI_3.10.R1702P34 JD326A HP 3600-24-PoE EI Switch JD328A HP 3600-48-PoE EI Switch JD331A HP 3600-24 EI Switch JD333A HP 3600-48 EI Switch JD334A HP 3600-24-SFP EI Switch H3C S3600-28F-EI - model LS-3600-28F-EI-OVS (0235A10L) H3C S3600-28P-EI - model LS-3600-28P-EI-OVS (0235A10H) H3C S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS (0235A10C) H3C S3600-52P-EI - model LS-3600-52P-EI-OVS (0235A10K) H3C S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS (0235A10E) N/A
E.11.38 J4850A HP ProCurve Switch 5304xl J8166A HP ProCurve Switch 5304xl-32G J4819A HP ProCurve Switch 5308xl J8167A HP ProCurve Switch 5308xl-48G J4849A HP ProCurve Switch 5348xl J4849B HP ProCurve Switch 5348xl J4848A HP ProCurve Switch 5372xl J4848B HP ProCurve Switch 5372xl
N/A N/A
M.10.99 J4906A HP E3400-48G cl Switch J4905A HP ProCurve Switch 3400cl-24G N/A N/A
M.08.140 J8433A HP 6400-6XG CL Switch J8474A HP 6410-6XG CL Switch N/A N/A
HISTORY Version:1 (rev.1) - 8 August 2013 Initial Release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlIDpdwACgkQ4B86/C0qfVldlwCcDDroDhqjX0UVp4i8jVvizBGx XcQAnjFZJnhpwE7xpI1wxQZ1tdrFvaGL =Q4Dh -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0274",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "s5600-26c-pwr"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5682"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5012"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "3018"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "s5600-50c"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "s5600-50c-pwr"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "s5600-26c"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "3012"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5232"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "5642"
},
{
"model": "5500-24g ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd377a"
},
{
"model": "5500-24g si switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd369a"
},
{
"model": "5500-24g-sfp ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd374a"
},
{
"model": "5500-24g-sfp dc ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd379a"
},
{
"model": "5500g-48 ei 10\\/100\\/1000 no power supply unit switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jf552a"
},
{
"model": "5500-48g si switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd370a"
},
{
"model": "5500-24g-poe si switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd371a"
},
{
"model": "5500g-24 ei 10\\/100\\/1000 no power supply unit switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jf551a"
},
{
"model": "5500-24g-poe ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd378a"
},
{
"model": "5500-24g dc ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd373a"
},
{
"model": "5500-48g-poe ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd376a"
},
{
"model": "3com router",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "5642_taa"
},
{
"model": "5500-24g-4sfp hi switch with 2 interface slots",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jg311a"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "s5600-26f"
},
{
"model": "5500-48g ei switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd375a"
},
{
"model": "5500-48g-poe si switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jd372a"
},
{
"model": "5500g-24 ei sfp no power supply unit switch",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "jf553a"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "3012"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "3018"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5012"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5232"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5642"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5642 taa"
},
{
"model": "3com router",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5682"
},
{
"model": "3com switch 5500g-ei 24-port",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jf551a"
},
{
"model": "3com switch 5500g-ei 24-port sfp",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jf553a"
},
{
"model": "3com switch 5500g-ei 48-port",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jf552a"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "s5600-26c"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "s5600-26c-pwr"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "s5600-26f"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "s5600-50c"
},
{
"model": "h3c ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "s5600-50c-pwr"
},
{
"model": "hp 5500-24g dc ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd373a"
},
{
"model": "hp 5500-24g ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd377a"
},
{
"model": "hp 5500-24g si switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd369a"
},
{
"model": "hp 5500-24g-4sfp hi switch with 2 interface slots",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jg311a"
},
{
"model": "hp 5500-24g-poe ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd378a"
},
{
"model": "hp 5500-24g-poe+ si switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd371a"
},
{
"model": "hp 5500-24g-sfp dc ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd379a"
},
{
"model": "hp 5500-24g-sfp ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd374a"
},
{
"model": "hp 5500-48g ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd375a"
},
{
"model": "hp 5500-48g si switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd370a"
},
{
"model": "hp 5500-48g-poe ei switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd376a"
},
{
"model": "hp 5500-48g-poe si switch",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "jd372a"
},
{
"model": "h3c routers switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "3com routers switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "s5600-50c-pwr ethernet switch jd392a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s5600-50c ethernet switch jd391a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s5600-26f ethernet switch jd395a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s5600-26c-pwr ethernet switch jd394a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s5600-26c ethernet switch jd393a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "router taa jd945a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "56420"
},
{
"model": "procurve switch 5372xl j4848b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5372xl j4848a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5348xl j4849b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5348xl j4849a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5308xl-48g j8167a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5308xl j4819a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5304xl-32g j8166a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 5304xl j4850a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "procurve switch 3400cl-24g j4905a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "je099a hp e5500-24 si switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "je088a hp e5500-24g switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48g-poe switch je094a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48g-poe switch je095a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48g switch je090a all",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48g switch je091a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48-poe switch je107a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48-poe switch je108a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48 switch je103a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48 switch je104a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-48 si switch je100a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g-spf switch je097a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g-sfp switch je096a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g-poe switch je092a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g-poe switch je093a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g switch je088a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24g switch je089a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24-spf switch je110a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24-sfp switch je109a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24-poe switch je105a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24-poe switch je106a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24 switch je101a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24 switch je102a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e5500-24 si switch je099a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "e3400-48g cl switch j4906a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "6410-6xg cl switch j8474a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "6400-6xg cl switch j8433a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "router jd946a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "56820"
},
{
"model": "router jd944a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "56420"
},
{
"model": "router jd943a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "52320"
},
{
"model": "router jd935a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50120"
},
{
"model": "3600-48-poe ei switch jd328a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ei switch jd333a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600-480"
},
{
"model": "3600-24-sfp ei switch jd334a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "3600-24-poe ei switch jd326a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ei switch jd331a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600-240"
},
{
"model": "router jd919a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "30180"
},
{
"model": "router jd916a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "30120"
},
{
"model": "s5600-50c-pwr ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "0"
},
{
"model": "s5600-50c ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "0"
},
{
"model": "s5600-26f ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "0"
},
{
"model": "s5600-26c-pwr ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "0"
},
{
"model": "s5600-26c ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "0"
},
{
"model": "s3600-52p-pwr-ei model ls-3600-52p-pwr-ei-ovs",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "-0"
},
{
"model": "s3600-52p-ei model ls-3600-52p-ei-ovs",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "-0"
},
{
"model": "s3600-28p-pwr-ei model ls-3600-28p-pwr-ei-ovs",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "-0"
},
{
"model": "s3600-28p-ei model ls-3600-28p-ei-ovs",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "-0"
},
{
"model": "s3600-28f-ei model ls-3600-28f-ei-ovs",
"scope": "eq",
"trust": 0.3,
"vendor": "h3c",
"version": "-0"
},
{
"model": "taa switch 5500-ei pwr 52-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa switch 5500-ei pwr 28-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa switch 5500-ei 52-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa switch 5500-ei 28-port fx",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa switch 5500-ei 28-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa compliant 5500g-ei sfp 24p",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa compliant 5500g-ei pwr 48p",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa compliant 5500g-ei pwr 24p",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa compliant 5500g-ei 48-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "taa compliant 5500g-ei 24-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500g-ei sfp 24-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500g-ei pwr 48-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500g-ei pwr 24-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500g-ei 48-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500g-ei port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "240"
},
{
"model": "switch 5500-ei pwr 52-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500-ei pwr 28-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500-ei 52-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500-ei 28-port fx",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "switch 5500-ei 28-port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "ss4 switch 5500g-ei 48pt",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "ss4 switch 5500g-ei 24pt",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "ss4 switch 5500-si port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "520"
},
{
"model": "ss4 switch 5500-si port",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "280"
},
{
"model": "ss4 5500g-ei port sfp",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "240"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "56820"
},
{
"model": "router taa",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "56420"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "56420"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "52320"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50120"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "30180"
},
{
"model": "router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "30120"
},
{
"model": "s5600-50c-pwr ethernet switch jd392a s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5600-50c ethernet switch jd391a s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5600-26f ethernet switch jd395a s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5600-26c-pwr ethernet switch jd394a s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5600-26c ethernet switch jd393a s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "router taa jd945a r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5642"
},
{
"model": "procurve switch 5372xl j4848b e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5372xl j4848a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5348xl j4849b e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5348xl j4849a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5308xl-48g j8167a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5308xl j4819a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5304xl-32g j8166a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 5304xl j4850a e.11.38",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 3400cl-24g j4905a m.10.99",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "je099a hp e5500-24 si switch e5500 03.03.02p21",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "je088a hp e5500-24g switch e5500g 03.03.02p21",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48g-poe switch je094a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48g-poe switch je095a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48g switch je090a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48g switch je091a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48-poe switch je107a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48-poe switch je108a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48 switch je103a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48 switch je104a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-48 si switch je100a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g-spf switch je097a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g-sfp switch je096a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g-poe switch je092a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g-poe switch je093a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g switch je088a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24g switch je089a e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24-spf switch je110a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24-sfp switch je109a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24-poe switch je105a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24-poe switch je106a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24 switch je101a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24 switch je102a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e5500-24 si switch je099a e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "e3400-48g cl switch j4906a m.10.99",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "6410-6xg cl switch j8474a m.08.140",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "6400-6xg cl switch j8433a m.08.140",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "router jd946a r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5682"
},
{
"model": "router jd944a r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5642"
},
{
"model": "router jd943a r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5232"
},
{
"model": "router jd935a r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5012"
},
{
"model": "3600-48-poe ei switch jd328a s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ei switch jd333a s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3600-48"
},
{
"model": "3600-24-sfp ei switch jd334a s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "3600-24-poe ei switch jd326a s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ei switch jd331a s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3600-24"
},
{
"model": "router jd919a r301x 1.40.23",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3018"
},
{
"model": "router jd916a r301x 1.40.23",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3012"
},
{
"model": "s5600-50c-pwr ethernet switch s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s5600-50c ethernet switch s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s5600-26f ethernet switch s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s5600-26c-pwr ethernet switch s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s5600-26c ethernet switch s5600 3.10.r1702p39",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s3600-52p-pwr-ei model ls-3600-52p-pwr-ei-ovs s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s3600-52p-ei model ls-3600-52p-ei-ovs s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s3600-28p-pwr-ei model ls-3600-28p-pwr-ei-ovs s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s3600-28p-ei model ls-3600-28p-ei-ovs s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "s3600-28f-ei model ls-3600-28f-ei-ovs s3600.ei 3.10.r1702p",
"scope": "ne",
"trust": 0.3,
"vendor": "h3c",
"version": null
},
{
"model": "taa switch 5500-ei pwr 52-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa switch 5500-ei pwr 28-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa switch 5500-ei 52-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa switch 5500-ei 28-port fx e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa switch 5500-ei 28-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa compliant 5500g-ei sfp 24p e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa compliant 5500g-ei pwr 48p e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa compliant 5500g-ei pwr 24p e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa compliant 5500g-ei 48-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "taa compliant 5500g-ei 24-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500g-ei sfp 24-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500g-ei pwr 48-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500g-ei pwr 24-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500g-ei 48-port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500g-ei port e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "24"
},
{
"model": "switch 5500-ei pwr 52-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500-ei pwr 28-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500-ei 52-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500-ei 28-port fx e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "switch 5500-ei 28-port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "ss4 switch 5500g-ei 48pt e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "ss4 switch 5500g-ei 24pt e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "ss4 switch 5500-si port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "52"
},
{
"model": "ss4 switch 5500-si port e5500 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "28"
},
{
"model": "ss4 5500g-ei port sfp e5500g 03.03.02p19",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "24"
},
{
"model": "router r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5682"
},
{
"model": "router taa r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5642"
},
{
"model": "router r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5642"
},
{
"model": "router r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5232"
},
{
"model": "router r5000 3.14p14",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5012"
},
{
"model": "router r301x 1.40.23",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "3018"
},
{
"model": "router r301x 1.40.23",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "3012"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "3012"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "3018"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "5012"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "5232"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "5642"
},
{
"model": "5642 taa",
"scope": null,
"trust": 0.2,
"vendor": "3com router",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "3com router",
"version": "5682"
},
{
"model": "jg311a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g 4sfp hi switch with 2 interface slots",
"version": null
},
{
"model": "jd378a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g poe ei switch",
"version": null
},
{
"model": "jd371a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g poe si switch",
"version": null
},
{
"model": "jd379a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g sfp dc ei switch",
"version": null
},
{
"model": "jd374a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g sfp ei switch",
"version": null
},
{
"model": "jd373a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g dc ei switch",
"version": null
},
{
"model": "jd377a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g ei switch",
"version": null
},
{
"model": "jd369a",
"scope": null,
"trust": 0.2,
"vendor": "5500 24g si switch",
"version": null
},
{
"model": "jd376a",
"scope": null,
"trust": 0.2,
"vendor": "5500 48g poe ei switch",
"version": null
},
{
"model": "jd372a",
"scope": null,
"trust": 0.2,
"vendor": "5500 48g poe si switch",
"version": null
},
{
"model": "jd375a",
"scope": null,
"trust": 0.2,
"vendor": "5500 48g ei switch",
"version": null
},
{
"model": "jd370a",
"scope": null,
"trust": 0.2,
"vendor": "5500 48g si switch",
"version": null
},
{
"model": "jf551a",
"scope": null,
"trust": 0.2,
"vendor": "5500g 24 ei 10 100 1000 no power supply unit switch",
"version": null
},
{
"model": "jf553a",
"scope": null,
"trust": 0.2,
"vendor": "5500g 24 ei sfp no power supply unit switch",
"version": null
},
{
"model": "jf552a",
"scope": null,
"trust": 0.2,
"vendor": "5500g 48 ei 10 100 1000 no power supply unit switch",
"version": null
},
{
"model": "s5600-26c",
"scope": null,
"trust": 0.2,
"vendor": "h3c ethernet switch",
"version": null
},
{
"model": "s5600-26c-pwr",
"scope": null,
"trust": 0.2,
"vendor": "h3c ethernet switch",
"version": null
},
{
"model": "s5600-26f",
"scope": null,
"trust": 0.2,
"vendor": "h3c ethernet switch",
"version": null
},
{
"model": "s5600-50c",
"scope": null,
"trust": 0.2,
"vendor": "h3c ethernet switch",
"version": null
},
{
"model": "s5600-50c-pwr",
"scope": null,
"trust": 0.2,
"vendor": "h3c ethernet switch",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "BID",
"id": "61691"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g-sfp_dc_ei_switch:jd379a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g-sfp_ei_switch:jd374a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g-4sfp_hi_switch_with_2_interface_slots:jg311a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:5642_taa:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:3012:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:5682:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g-poe_ei_switch:jd378a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g-poe_si_switch:jd371a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-48g_ei_switch:jd375a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-48g_si_switch:jd370a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:3018:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500g-24_ei_sfp_no_power_supply_unit_switch:jf553a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500g-48_ei_10\\/100\\/1000_no_power_supply_unit_switch:jf552a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-48g-poe_ei_switch:jd376a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-48g-poe_si_switch:jd372a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c-pwr:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:5012:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500g-24_ei_10\\/100\\/1000_no_power_supply_unit_switch:jf551a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g_dc_ei_switch:jd373a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g_ei_switch:jd377a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5500-24g_si_switch:jd369a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c-pwr:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:5642:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3com_router:5232:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "BID",
"id": "61691"
},
{
"db": "PACKETSTORM",
"id": "122758"
}
],
"trust": 0.4
},
"cve": "CVE-2013-4806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 7.8,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-4806",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2013-12420",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-64808",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4806",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-12420",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-157",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-64808",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "VULHUB",
"id": "VHN-64808"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. Information disclosure vulnerabilities and denial of service vulnerabilities exist for multiple HP products. HP JD9##A, 3COM, H3C, etc. are all routers and switches of Hewlett-Packard (HP). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03880910\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03880910\nVersion: 1\n\nHPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and\nSwitches, OSPF Remote Information Disclosure and Denial of Service\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nReferences: CVE-2013-4806 (CERT VU#229804 SSRT101224)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-4806 (AV:N/AC:M/Au:S/C:P/I:N/A:C) 7\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHP has made the following software updates available to resolve the\nvulnerabilities in the following products:\n\nFixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\nR5000_3.14p14\n JD935A HP 5012 Router\nJD943A HP 5232 Router\nJD944A HP 5642 Router\nJD945A HP Router 5642 TAA\nJD946A HP 5682 Router\n N/A\n 3Com Router 5642 TAA (3C13755TAA)\n3Com Router 5012 (3C13701)\n3Com Router 5232 (3C13751)\n3Com Router 5642 (3C13755)\n3Com Router 5682 (3C13759)\n\nR301X_1.40.23\n JD916A HP 3012 Router\nJD919A HP 3018 Router\n N/A\n 3Com Router 3012 (3C13612)\n3Com Router 3018 (3C13618)\n\nS5600_3.10.R1702P39\n JD391A HP S5600-50C Ethernet Switch\nJD392A HP S5600-50C-PWR Ethernet Switch\nJD393A HP S5600-26C Ethernet Switch\nJD394A HP S5600-26C-PWR Ethernet Switch\nJD395A HP S5600-26F Ethernet Switch\n H3C S5600-26C Ethernet Switch (0235A11F)\nH3C S5600-26C-PWR Ethernet Switch (0235A11G)\nH3C S5600-26F Ethernet Switch (0235A11H)\nH3C S5600-50C Ethernet Switch (0235A11D)\nH3C S5600-50C-PWR Ethernet Switch (0235A11E)\n N/A\n\nE5500G_03.03.02p19\n JE088A HP E5500-24G Switch\nJE089A HP E5500-24G Switch (TAA)\nJE090A HP E5500-48G Switch\nJE091A HP E5500-48G Switch (TAA)\nJE092A HP E5500-24G-PoE Switch\nJE093A HP E5500-24G-PoE Switch (TAA)\nJE094A HP E5500-48G-PoE Switch\nJE095A HP E5500-48G-PoE Switch (TAA)\nJE096A HP E5500-24G-SFP Switch\nJE097A HP E5500-24G-SPF Switch (TAA)\nJF551A HP SS4 SWITCH 5500G-EI 24PT (no psu)\nJF552A HP SS4 SWITCH 5500G-EI 48PT(no psu)\nJF553A HP SS4 5500G-EI 24 PORT\nSFP (no psu)\n N/A\n 3Com SS4 5500G-EI 24 Port SFP (NO PSU) (3CR17259-91)\n3Com SS4 Switch 5500G-EI 24PT (NO PSU) (3CR17254-91)\n3Com SS4 Switch 5500G-EI 48PT (NO PSU) (3CR17255-91)\n3Com Switch 5500G-EI 24 Port (3CR17250-91)\n3Com Switch 5500G-EI 48-Port (3CR17251-91)\n3Com Switch 5500G-EI PWR 24-Port (3CR17252-91)\n3Com Switch 5500G-EI PWR 48-Port (3CR17253-91)\n3Com Switch 5500G-EI SFP 24-Port (3CR17258-91)\n3Com TAA Compliant 5500G-EI 24-Port (3CR17250TAA-91)\n3Com TAA Compliant 5500G-EI 48-Port (3CR17251TAA-91)\n3Com TAA Compliant 5500G-EI PWR 24P (3CR17252TAA-91)\n3Com TAA Compliant 5500G-EI PWR 48P (3CR17253TAA-91)\n3Com TAA Compliant 5500G-EI SFP 24P (3CR17258TAA-91)\n\nE5500_03.03.02p19\n JE099A HP E5500-24 SI Switch\nJE100A HP E5500-48 SI Switch\nJE101A HP E5500-24 Switch\nJE102A HP E5500-24 Switch (TAA)\nJE103A HP E5500-48 Switch\nJE104A HP E5500-48 Switch (TAA)\nJE105A HP E5500-24-PoE Switch\nJE106A HP E5500-24-PoE Switch (TAA)\nJE107A HP E5500-48-PoE Switch\nJE108A HP E5500-48-PoE Switch (TAA)\nJE109A HP E5500-24-SFP Switch,\nJE110A HP E5500-24-SPF Switch (TAA)\n N/A\n 3Com SS4 Switch 5500-SI 28 Port (3CR17151-91)\n3Com SS4 Switch 5500-SI 52 Port (3CR17152-91)\n3Com Switch 5500-EI 28-Port (3CR17161-91)\n3Com Switch 5500-EI 28-Port FX (3CR17181-91) 3Com Switch 5500-EI 52-Port\n(3CR17162-91)\n3Com Switch 5500-EI PWR 28-Port (3CR17171-91) 3Com Switch 5500-EI PWR 52-Port\n(3CR17172-91)\n3Com TAA Switch 5500-EI 28-Port (3CR17161TAA-91)\n3Com TAA Switch 5500-EI 28-Port FX (3CR17181TAA-91)\n3Com TAA Switch 5500-EI 52-Port (3CR17162TAA-91)\n3Com TAA Switch 5500-EI PWR 28-Port (3CR17171TAA-91)\n3Com TAA Switch 5500-EI PWR 52-Port (3CR17172TAA-91)\n\nS3600.EI_3.10.R1702P34\n JD326A HP 3600-24-PoE EI Switch\nJD328A HP 3600-48-PoE EI Switch\nJD331A HP 3600-24 EI Switch\nJD333A HP 3600-48 EI Switch\nJD334A HP 3600-24-SFP EI Switch\n H3C S3600-28F-EI - model LS-3600-28F-EI-OVS (0235A10L)\nH3C S3600-28P-EI - model LS-3600-28P-EI-OVS (0235A10H)\nH3C S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS (0235A10C)\nH3C S3600-52P-EI - model LS-3600-52P-EI-OVS (0235A10K)\nH3C S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS (0235A10E)\n N/A\n\nE.11.38\n J4850A HP ProCurve Switch 5304xl\nJ8166A HP ProCurve Switch 5304xl-32G\nJ4819A HP ProCurve Switch 5308xl\nJ8167A HP ProCurve Switch 5308xl-48G\nJ4849A HP ProCurve Switch 5348xl\nJ4849B HP ProCurve Switch 5348xl\nJ4848A HP ProCurve Switch 5372xl\nJ4848B HP ProCurve Switch 5372xl\n\n N/A\n N/A\n\nM.10.99\n J4906A HP E3400-48G cl Switch\nJ4905A HP ProCurve Switch 3400cl-24G\n N/A\n N/A\n\nM.08.140\n J8433A HP 6400-6XG CL Switch J8474A HP 6410-6XG CL Switch\n N/A\n N/A\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2013 Initial Release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlIDpdwACgkQ4B86/C0qfVldlwCcDDroDhqjX0UVp4i8jVvizBGx\nXcQAnjFZJnhpwE7xpI1wxQZ1tdrFvaGL\n=Q4Dh\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4806"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "BID",
"id": "61691"
},
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-64808"
},
{
"db": "PACKETSTORM",
"id": "122758"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-64808",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64808"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4806",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#229804",
"trust": 2.5
},
{
"db": "BID",
"id": "61691",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-12420",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710",
"trust": 0.8
},
{
"db": "HP",
"id": "SSRT101224",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBHF02912",
"trust": 0.6
},
{
"db": "IVD",
"id": "C8D06C06-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "122758",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-64808",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "VULHUB",
"id": "VHN-64808"
},
{
"db": "BID",
"id": "61691"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "PACKETSTORM",
"id": "122758"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"id": "VAR-201308-0274",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "VULHUB",
"id": "VHN-64808"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
}
]
},
"last_update_date": "2024-04-19T22:49:59.231000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBHF02912 SSRT101224",
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03880910"
},
{
"title": "Patch for multiple HP product input validation vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/38216"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/229804"
},
{
"trust": 2.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03880910"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4806"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4806"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/61691"
},
{
"trust": 0.3,
"url": "http://www.3com.com/"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c03880910-1%257cdoclocale%253d%"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4806"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "VULHUB",
"id": "VHN-64808"
},
{
"db": "BID",
"id": "61691"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "PACKETSTORM",
"id": "122758"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"db": "VULHUB",
"id": "VHN-64808"
},
{
"db": "BID",
"id": "61691"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"db": "PACKETSTORM",
"id": "122758"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-19T00:00:00",
"db": "IVD",
"id": "c8d06c06-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-08-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"date": "2013-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-64808"
},
{
"date": "2013-08-08T00:00:00",
"db": "BID",
"id": "61691"
},
{
"date": "2013-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"date": "2013-08-09T02:19:40",
"db": "PACKETSTORM",
"id": "122758"
},
{
"date": "2013-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"date": "2013-08-12T10:58:49.527000",
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12420"
},
{
"date": "2014-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-64808"
},
{
"date": "2013-08-08T00:00:00",
"db": "BID",
"id": "61691"
},
{
"date": "2014-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003710"
},
{
"date": "2013-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-157"
},
{
"date": "2014-01-04T04:49:15.410000",
"db": "NVD",
"id": "CVE-2013-4806"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural HP Product OSPF Service disruption in implementations (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003710"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-157"
}
],
"trust": 0.6
}
}
VAR-201302-0018
Vulnerability from variot - Updated: 2023-12-18 12:58Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community. HP/H3C Made and Huawei There are vulnerabilities in network devices that lack access restrictions. HP/H3C Made and Huawei Network devices SNMP There is a problem with request processing and there is a vulnerability with insufficient access restrictions.A remote attacker may gain access to the management functions of the product. Multiple HP products have security vulnerabilities that allow attackers to exploit vulnerabilities to obtain sensitive information. No detailed vulnerability details are currently available. Hewlett-Packard (HP) is the world's leading high-tech provider, providing a full range of products such as notebooks, desktop computers, and workstations. The vulnerability is caused by the program not implementing access control correctly as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0. Through SNMP requests with read-only communities, remote authentication attackers exploit this vulnerability to discover credentials in UserInfoEntry values.
Identifiers
US-CERT VU#225404 CVE-2012-3268
Vendor release
HP/H3C: https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03515685&ac.admitted=1350939600802.876444892.492883150
Huawei: In the works
Researcher
Kurt Grutzmacher grutz jingojango dot net http://grutztopia.jingojango.net/ twitter: @grutz
Details
Huawei/H3C have two OIDs, 'old' and 'new':
old: 1.3.6.1.4.1.2011.10 new: 1.3.6.1.4.1.25506
Most devices support both formats.
The MIBs h3c-user.mib and hh3c-user.mib, for the purpose of this document, will be referred to as (h)h3c-user.mib. This MIB defines the internal table and objects to "Manage configuration and Monitor running state for userlog feature."
This means there are some cool objects with data in this MIB penetration testers or malicious actors would want to get their dirty little hands on. Most objects are only accessible with the read/write community string.
In the revision history of (h)h3c-user.mib, version 2.0 modified the MAX-ACCESS from read-only to read-create the following objects within the (h)h3cUserInfoEntry sequence:
(h)h3cUserName (h)h3cUserPassword (h)h3cAuthMode (h)h3cUserLevel
The purpose of these objects are to provide the locally configured users to those with a valid SNMP community. After the change only those with the read-write community string should have access, however this was not the case and the code still retained the earlier access of read-only.
So if you have the SNMP public community string then you have the ability to view these entries.
Why this is impactful
The (h)h3cUserPassword is presented in one of three formats as defined in the (h)h3cAuthMode object and mirrors how passwords are stored in the device configuration:
0 -- password simple, meaning cleartext 7 -- password cipher, meaning ciphertext 9 -- password sha-256, meaning one-way sha-256 hash
SHA-256 is a recent addition and is not supported on all devices yet.
Globbing some users
You must have an SNMP read-only or read-write string and access to the SNMP port (udp/161) for this to work:
$ snmpwalk ?c public ?v 1 $IP 1.3.6.1.4.1.2011.10.2.12.1.1.1
or
$ snmpwalk ?c public ?v 1 $IP 1.3.6.1.4.1.25506.2.12.1.1.1
Weaponizing
Files relevant to this disclosure:
hh3c-localuser-enum.rb - Metasploit auxiliary scanner module snmp-h3c-login.nse - Nmap Scripting Engine module
These will soon be posted to https://github.com/grutz/h3c-pt-tools and requested to be added to each tool.
Mitigation
By itself this is already bad but most users who do any of the following may already be protected:
- Use complex SNMP community strings or disable SNMPv1
- Have disabled the mib entries for (h)h3c-user
- Do not define local users, use RADIUS or TACACS+
More specific routines can be found in the vendor's release.
Why this is a bigger problem
People make poor choices. They like to think their equipment won't rat them out so they use cleartext passwords on networking equipment.
The cipher is an interesting one because it's basically an unknown... What, you think the only thing I had to share at Toorcon was SNMP and some cleartext credentials?
Timeline
June-ish 2012: Research begins after seeing something cool on a penetration test
August 6, 2012: Contacted US-CERT to coordinate vendor disclosure, VU#225404
September 5, 2012: No response from H3C, contacted US-CERT again
September 6, 2012: H3C (through US-CERT) requests more time, I state intention to present findings at Toorcon (Oct 19/20, 2012) or disclose if talk not accepted.
September 18, 2012: Approved for Toorcon! Information goes up not long after on Toorcon website.
September 18-October 16, 2012: Build slides, work on tools, no contact with US-CERT or vendors.
October 16, 2012: HP contacts me directly asking that I not present this information at Toorcon
October 18, 2012: Publicly state agreement to cancel the Toorcon talk
October 22, 2012: HP discloses! What what? Why bother putting any pressure not to give the talk if you're gonna give everything out 2 days later?
October 23, 2012: So I publish. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03515685
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03515685 Version: 2
HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-10-25 Last Updated: 2012-10-25
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information.
For more information, refer to CERT VU#225404 on the CERT website.
References: SSRT100962, CVE-2012-3268, CERT VU#225404
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Vendor Product Name Product Number
HP 10500/7500 Advanced VPN Firewall Module JD249A
H3C S7500E SecBlade VPN Firewall Module 0231A832, LSQ1FWBSC0
HP 10504 Switch Chassis JC613A
HP 10508 Switch Chassis JC612A
HP 10508-V Switch Chassis JC611A
HP 10512 Switch Chassis JC748A
HP 12500 VPN Firewall Module JC635A
HP 12508 DC Switch Chassis JC652A
HP 12508 Switch Chassis JC086A
H3C S12508 Chassis 0235A38N
HP 12508 Switch Chassis JF431A
HP A12508 Switch Chassis
H3C S12508 Chassis 0235A0E6
HP 12508 Switch Chassis JF431B
HP A12508 Switch Chassis
H3C S12508 (AC-1) Routing Switch 0235A0GE
HP 12508 Switch Chassis JF431C
HP 12518 DC Switch Chassis JC653A
HP 12518 DC Switch Chassis JC653A
HP 12518 Switch Chassis JC085A
HP A12518 Switch Chassis
H3C S12518 Chassis 0235A38M
HP 12518 Switch Chassis JF430A
HP A12518 Switch Chassis
H3C S12518 Chassis 0235A0E7
HP 12518 Switch Chassis JF430B
HP A12518 Switch Chassis
H3C S12518 (AC-1) Routing Switch 0235A0GF
HP 12518 Switch Chassis JF430C
HP 1910-16G Switch JE005A
3Com Baseline Plus 2900G Switch - 20 port 3CRBSG2093
HP 1910-24G Switch JE006A
3Com Baseline Plus 2900G Switch - 28 port 3CRBSG2893
HP 1910-24G-PoE (365W) Switch JE007A
3Com Baseline Plus 2900G Switch - 28HPWR 3CRBSG28HPWR93
HP 1910-24G-PoE (170W) Switch JE008A
HP V1910-24G-PoE (170W) Switch
3Com Baseline Plus 2900G Switch - 28PWR 3CRBSG28PWR93
HP 1910-48G Switch JE009A
3Com Baseline Plus 2900 Switch Gigabit Family - 52 port 3CRBSG5293
HP 1910-8G Switch JG348A
HP 1910-8G-PoE+ (180W) Switch JG350A
HP 1910-8G-PoE+ (65W) Switch JG349A
HP 200-CS UTM Appliance JD268A
H3C SecPath U200-CS 0235A0CT
HP 200-M UTM Appliance JD274A
HP 3000-10G-PoE+ Wireless Switch JD450A
HP A3000-10G-PoE+ Wireless Switch
H3C WX3010,8 PoEPlus 0235A37U
HP 3000-24G-PoE+ Wireless Switch JD449A
HP A3000-24G-PoE+ Wireless Switch
H3C WX3024,4SFPCombo Plus Slot Plus PoEPlus 0235A37T
HP 3000-8G-PoE+ Wireless Switch JD444A
H3C WX3008, 4 POE Plus 0235A0AS
HP 3012 Router JD916A
3Com 3012 Router 3C13612
HP 3013 Router JD917A
3Com 3013 Router 3C13613
HP 3016 Router JD918A
3Com 3016 Router 3C13616
HP 3036 Router JD921A
3Com 3036 Router 3C13636
HP 3040 Router JD922A
3Com 3040 Router 3C13640
HP 3041 Router JD923A
3Com 3041 Router 3C13641
HP 3100-16 DC EI Switch JD314A
HP A3100-16 DC EI Switch
H3C S3100-16TP-EI - model LS-3100-16TP-EI-H3-D-O 0235A23H
HP 3100-16 EI Switch JD319A
H3C S3100-16TP-EI - model LS-3100-16TP-EI-H3-A-O 0235A300
HP 3100-16 SI Switch JD305A
H3C S3100-16T-SI - model LS-S3100-16T-SI-AC-OVS 0235A15C
HP 3100-16 v2 EI Switch JD319B
HP 3100-16 v2 SI Switch JG222A
HP 3100-16-PoE EI Switch JD312A
H3C S3100-16TP-PWR-EI - model LS-3100-16TP-PWR-EI-H3 0235A19C
HP 3100-24 DC EI Switch JD315A
HP A3100-24 DC EI Switch
H3C S3100-26TP-EI - model LS-3100-26TP-EI-H3-D-O 0235A23P
HP 3100-24 EI Switch JD320A
HP A3100-24 EI Switch
H3C S3100-26TP-EI - model LS-3100-26TP-EI-H3-A-O 0235A301
HP 3100-24 SI Switch JD306A
HP A3100-24 SI Switch
H3C S3100-26T-SI - model LS-S3100-26T-SI-AC-OVS 0235A15D
HP 3100-24 v2 EI Switch JD320B
HP 3100-24 v2 SI Switch JG223A
HP 3100-24-PoE EI Switch JD313A
HP A3100-24-PoE EI Switch
H3C S3100-26TP-PWR-EI - model LS-3100-26TP-PWR-EI-H3 0235A19D
HP 3100-24-PoE v2 EI Switch JD313B
HP 3100-48 Switch JD317A
H3C S3100-52P - model LS-3100-52P-OVS-H3 0235A248
HP 3100-48 v2 Switch JG315A
HP 3100-8 DC EI Switch JD316A
H3C S3100-8TP-EI - model LS-3100-8TP-EI-H3-D-O 0235A23T
HP 3100-8 EI Switch JD318A
H3C S3100-8TP-EI - model LS-3100-8TP-EI-H3-A-O 0235A29Y
HP 3100-8 SI Switch JD304A
HP A3100-8 SI Switch
H3C S3100-8T-SI - model LS-S3100-8T-SI-AC-OVS 0235A15B
HP 3100-8 SI Switch JD307A
H3C S3100-8C-SI - model LS-S3100-8C-SI-AC-OVS 0235A15F
HP 3100-8 v2 EI Switch JD318B
HP 3100-8 v2 SI Switch JG221A
HP 3100-8-PoE EI Switch JD311A
H3C S3100-8TP-PWR-EI - model LS-3100-8TP-PWR-EI-H3 0235A19B
HP 3600-24 EI Switch JD331A
HP A3600-24 EI Switch
H3C S3600-28P-EI - model LS-3600-28P-EI-OVS 0235A10H
HP 3600-24 SI Switch JD330A
HP A3600-24 SI Switch
H3C S3600-28P-SI - model LS-3600-28P-SI-OVS 0235A10G
HP 3600-24 v2 EI Switch JG299A
HP 3600-24 v2 SI Switch JG304A
HP 3600-24-PoE EI Switch JD326A
HP A3600-24-PoE EI Switch
H3C S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS 0235A10C
HP 3600-24-PoE SI Switch JD325A
HP A3600-24-PoE SI Switch
H3C S3600-28P-PWR-SI - model LS-3600-28P-PWR-SI-OVS 0235A10B
HP 3600-24-PoE+ v2 EI Switch JG301A
HP 3600-24-SFP EI Switch JD334A
HP A3600-24-SFP EI Switch
H3C S3600-28F-EI - model LS-3600-28F-EI-OVS 0235A10L
HP 3600-24-SFP v2 EI Switch JG303A
HP 3600-24TP SI Switch JD329A
HP A3600-24TP SI Switch
H3C S3600-28TP-SI - model LS-3600-28TP-SI-OVS 0235A10F
HP 3600-48 EI Switch JD333A
HP A3600-48 EI Switch
H3C S3600-52P-EI - model LS-3600-52P-EI-OVS 0235A10K
HP 3600-48 SI Switch JD332A
H3C S3600-52P-SI - model LS-3600-52P-SI-OVS 0235A10J
HP 3600-48 v2 EI Switch JG300A
HP 3600-48 v2 SI Switch JG305A
HP 3600-48-PoE EI Switch JD328A
HP A3600-48-PoE EI Switch
H3C S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS 0235A10E
HP 3600-48-PoE SI Switch JD327A
HP A3600-48-PoE SI Switch
H3C S3600-52P-PWR-SI - model LS-3600-52P-PWR-SI-OVS 0235A10D
HP 3600-48-PoE+ v2 EI Switch JG302A
HP 3600-48-PoE+ v2 SI Switch JG307A
HP 3610-24-2G-2G-SFP Switch JD337A
HP A3610-24-2G-SFP Switch
H3C S3610-28TP - model LS-3610-28TP-OVS 0235A22E
HP 3610-24-4G-SFP Switch JD336A
HP A3610-24-4G Switch
H3C S3610-28P - model LS-3610-28P-OVS 0235A22D
HP 3610-24-SFP Switch JD338A
HP A3610-24-SFP Switch
H3C S3610-28F - model LS-3610-28F-OVS 0235A22F
HP 3610-48 Switch JD335A
HP A3610-48 Switch
H3C S3610-52P - model LS-3610-52P-OVS 0235A22C
HP 4200-12G Switch JE015A
HP E4200-12G Switch
3Com 4200G Switch 12-Port 3CR17660-91
HP 4210-16 Switch JE024A
HP E4210-16 Switch
3Com 4210 Switch 18-Port 3CR17332-91
HP 4210-16 Switch JE025A
3Com SWITCH 4210 18-Port 3CR17332A-91
HP 4210-24 Switch JE026A
3Com 4210 Switch 26-Port 3CR17333-91
HP 4210-24 Switch JF427A
HP E4210-24 Switch
3Com 4210 Switch 26-Port 3CR17333A-91
HP 4210-24G Switch JF844A
HP E4210-24G Switch
3Com 4210-24G Switch 3CRS42G-24-91
HP 4210-24G-PoE Switch JF846A
HP E4210-24G-PoE Switch
3Com Switch E4210-24G-PoE 3CRS42G-24P-91
HP 4210-24-PoE Switch JE032A
3Com 4210 Switch PWR 26-Port 3CR17343-91
HP 4210-24-PoE Switch JE033A
3Com 4210 PWR Switch 26-Port 3CR17343A-91
HP 4210-48 Switch JE027A
3Com 4210 Switch 52-Port 3CR17334-91
HP 4210-48G Switch JF845A
HP E4210-48G Switch
3Com 4210-48G Switch 3CRS42G-48-91
HP 4210-8 Switch JE021A
3Com 4210 Switch 9-Port 3CR17331-91
HP 4210-8 Switch JE022A
3Com 4210 Switch 9-Port 3CR17331A-91
HP 4210-8-PoE Switch JE028A
3Com 4210 PWR Switch 9-Port 3CR17341-91
HP 4210-8-PoE Switch JE029A
3Com 4210 PWR Switch 9-Port 3CR17341A-91
HP 4500-24 Switch JE045A
3Com 4500 Switch 26-Port 3CR17561-91
HP 4500-24G-PoE Switch JE061A
3Com 4500G PWR Switch 24-Port 3CR17771-91
HP 4500-24-PoE Switch JE047A
3Com 4500 PWR Switch 26-Port 3CR17571-91
HP 4500-48 Switch JE046A
3Com 4500 Switch 50-Port 3CR17562-91
HP 4500-48G-PoE Switch JE063A
HP E4500-48G-PoE Switch
3Com 4500G PWR Switch 48-Port 3CR17772-91
HP 4500-48-PoE Switch JE048A
3Com 4500 PWR Switch 50-Port 3CR17572-91
HP 4510-24G Switch JF847A
HP E4510-24G Switch
3Com Switch E4510-24G 3CRS45G-24-91
HP 4510-48G Switch JF428A
HP E4510-48G Switch
3Com 4510G Switch 48 Port 3CRS45G-48-91
HP 4800-24G Switch JD007A
3Com 4800G Switch 24-Port 3CRS48G-24-91
HP 4800-24G-PoE Switch JD008A
3Com 4800G PWR Switch 24-Port 3CRS48G-24P-91
HP 4800-24G-SFP Switch JD009A
HP E4800-24G-SFP Switch
3Com 4800G Switch 24-Port SFP 3CRS48G-24S-91
HP 4800-48G Switch JD010A
3Com 4800G Switch 48-Port 3CRS48G-48-91
HP 4800-48G-PoE Switch JD011A
3Com 4800G PWR Switch 48-Port 3CRS48G-48P-91
HP 5012 Router JD935A
3Com 5012 Router 3C13701
HP 5120-16G SI Switch JE073A
H3C S5120-20P-SI L2, 16GE Plus 4SFP 0235A42B
HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots JG245A
HP 5120-24G SI Switch JE074A
H3C S5120-28P-SI 24GE Plus 4 SFP 0235A42D
HP 5120-24G-PoE+ (170W) SI Switch JG092A
H3C S5120-28P-PWR-SI 0235A0E3
HP 5120-24G-PoE+ (370W) SI Switch JG091A
H3C S5120-28P-HPWR-SI 0235A0E5
HP 5120-24G-PoE+ EI Switch with 2 Interface Slots JG236A
HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots JG247A
HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots JG246A
HP 5120-48G SI Switch JE072A
HP A5120-48G SI Switch
H3C S5120-52P-SI 48GE Plus 4 SFP 0235A41W
HP 5120-48G-PoE+ EI Switch with 2 Interface Slots JG237A
HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots JG248A
HP 5232 Router JD943A
3Com 5232 Router 3C13751
HP 5500-24G DC EI Switch JD373A
H3C S5500-28C-EI-DC,Ethernet Switch 0235A24S
HP 5500-24G EI Switch JD377A
H3C S5500-28C-EI,Ethernet Switch 0235A253
HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots JG250A
HP 5500-24G SI Switch JD369A
H3C S5500-28C-SI,Ethernet Switch 0235A04U
HP 5500-24G-4SFP HI Switch with 2 Interface Slots JG311A
HP 5500-24G-PoE EI Switch JD378A
H3C S5500-28C-PWR-EI,Ethernet Switch 0235A255
HP 5500-24G-PoE SI Switch JD371A
H3C S5500-28C-PWR-SI,Ethernet Switch 0235A05H
HP 5500-24G-PoE+ EI Switch with 2 Interface Slots JG241A
HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots JG252A
HP 5500-24G-PoE+ SI Switch with 2 Interface Slots JG238A
HP 5500-24G-SFP DC EI Switch JD379A
H3C S5500-28F-EI,Eth Swtch,DC Single Pwr 0235A259
HP 5500-24G-SFP EI Switch JD374A
H3C S5500-28F-EI,Eth Switch,AC Single 0235A24U
HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface Slots JG249A
HP 5500-48G EI Switch JD375A
H3C S5500-52C-EI,Ethernet Switch 0235A24X
HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots JG251A
HP 5500-48G SI Switch JD370A
H3C S5500-52C-SI,Ethernet Switch 0235A04V
HP 5500-48G-4SFP HI Switch with 2 Interface Slots JG312A
HP 5500-48G-PoE EI Switch JD376A
H3C S5500-52C-PWR-EI,Ethernet Switch 0235A251
HP 5500-48G-PoE SI Switch JD372A
H3C S5500-52C-PWR-SI,Ethernet Switch 0235A05J
HP 5500-48G-PoE+ EI Switch with 2 Interface Slots JG240A
HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots JG253A
HP 5500-48G-PoE+ SI Switch with 2 Interface Slots JG239A
HP 5500G-24 EI 10/100/1000 No Power Supply Unit Switch JF551A
3Com SS4 5500G-EI Switch 24PT (NO PSU) 3CR17254-91
HP 5500G-24 EI SFP No Power Supply Unit Switch JF553A
3Com SS4 5500G-EI 24 Port,SFP (NO PSU) 3CR17259-91
HP 5500G-48 EI 10/100/1000 No Power Supply Unit Switch JF552A
3Com SS4 5500G-EI Switch 48PT (NO PSU) 3CR17255-91
HP 5682 Router JD946A
3Com 5682 Router 3C13759
HP 5800-24G Switch JC100A
H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot 0235A36U
HP 5800-24G TAA-compliant Switch JG255A
HP 5800-24G-PoE Switch JC099A
H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module, PoE 0235A36S
HP 5800-24G-PoE+ TAA-compliant Switch JG254A
HP 5800-24G-SFP Switch JC103A
H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) 0235A374
HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot JG256A
HP 5800-48G Switch JC105A
H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module 0235A379
HP 5800-48G Switch with 2 Slots JC101A
H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM 0235A36W
HP 5800-48G TAA-compliant Switch with 1 Interface Slot JG258A
HP 5800-48G-PoE Switch JC104A
H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module 0235A378
HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot JG257A
HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots JG242A
HP 5800AF-48G Switch JG225A
HP 5810-48G Switch JF242A
HP A5810-48G with 2 SFP+ slots AC Switch
H3C S5810 48-BT, 2 SFP Plus , AC 0235A42H
HP 5820 VPN Firewall Module JD255A
HP A5820 VPN Firewall Module
H3C S5820 SecBlade VPN Firewall Module LSWM1FW10, 0231A94J
HP 5830 CTO Built Switch JG478A
HP 5830AF-48G Switch with 1 Interface Slot JC691A
HP 5830AF-96G Switch JC694A
HP 6600 Firewall Processing Router Module JD250A
HP A6600 Firewall Processing Module
H3C SR66 Gigabit Firewall Module 0231A88A
HP 6600 RPE-X1 Router Module JC165A
HP A6600 RPE-X1 Main Processing Unit
H3C RT-SR66-RPE-X1-H3 RPE-X1, 0231A761
HP 6600 RSE-X1 Router Main Processing Unit JC566A
HP 6602 Router Chassis JC176A
HP A6602 Router
H3C SR6602 1U Router Host 0235A27D
HP 6604 Router Chassis JC178A
HP A6604 Router Chassis
H3C RT-SR6604-OVS-H3 0235A37X
HP 6604 Router Chassis JC178B
HP 6608 Router JC177A
HP A6608 Router
H3C RT-SR6608-OVS-H3 0235A32X
HP 6608 Router Chassis JC177B
HP 6616 Router Chassis JC496A
HP A6616 Router Chassis
H3C SR6616 Router Chassis 0235A41D
HP 7500 384Gbps Fabric Module JD194A
HP A7500 384Gbps Fabric/Main Processing Unit
H3C S7500E 384 Gbps Fabric 0231A73K
HP 7500 384Gbps Fabric Module with 2 XFP Ports JD193A
HP A7500 384Gbps Fabric/Main Processing Unit with 2 10GbE XFP Ports
H3C S7500E 384 Gbps Fabric w/ 2-port 10GBASE-X (XFP) 0231A73J
HP 7500 384Gbps Fabric Module with 2 XFP Ports JD193B
HP A7500 384Gbps Fabric/Main Processing Unit with 2 10GbE XFP Ports
H3C S7500E Salience VI-10G Switch and Route Processing Unit,with 2 XFP Interfaces LSQ1SRP2XB0, 0231A0KW
HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit JC700A
HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports JC699A
HP 7500 768Gbps Fabric Module JD220A
HP A7510 768Gbps Fabric/Main Processing Unit
H3C S7510E 768 Gbps Fabric LSQ1SRPD0, 0231A86P
HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit JC701A
HP A7510 768Gbps TAA-compliant Fabric/Main Processing Unit
HP 7502 Switch Chassis JD242A
HP A7502 Switch Chassis
H3C S7502E Chassis w/ fans 0235A29A
HP 7502 Switch Chassis JD242B
H3C S7502E Ethernet Switch Chassis with Fan 0235A0G4
HP 7502 TAA-compliant Main Processing Unit JC697A
HP A7502 TAA-compliant Main Processing Unit
HP 7503 Switch Chassis JD240A
HP A7503 Switch Chassis
H3C S7503E Chassis w/ fans 0235A27R
HP 7503 Switch Chassis JD240B
HP A7503 Switch Chassis
H3C S7503E Ethernet Switch Chassis with Fan 0235A0G2
HP 7503 Switch Chassis with 1 Fabric Slot JD243A
HP A7503-S Switch Chassis
H3C S7503E-S Chassis w/ fans 0235A33R
HP 7503 Switch Chassis with 1 Fabric Slot JD243B
H3C S7503E-S Ethernet Switch Chassis with Fan 0235A0G5
HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo JC666A
HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports JC698A
HP 7506 Switch Chassis JD239A
HP A7506 Switch Chassis H3C S7506E Chassis w/ fans 0235A27Q
HP 7506 Switch Chassis JD239B
HP A7506 Switch Chassis
H3C S7506E Ethernet Switch Chassis with Fan 0235A0G1
HP 7506 Vertical Switch Chassis JD241A
HP A7506-V Switch Chassis
H3C S7506E-V Chassis w/ fans 0235A27S
HP 7506 Vertical Switch Chassis JD241B
HP A7506-V Switch Chassis
H3C S7506E-V Ethernet Switch Chassis with Fan 0235A0G3
HP 7510 Switch Chassis JD238A
HP A7510 Switch Chassis
H3C S7510E Chassis w/ fans 0235A25N
HP 7510 Switch Chassis JD238B
HP A7510 Switch Chassis
H3C S7510E Ethernet Switch Chassis with Fan 0235A0G0
HP 8800 Firewall Processing Module JD251A
H3C SR88 Firewall Processing Module 0231A88L
HP 8802 Router Chassis JC147A
HP A8802 Router Chassis
H3C SR8802 10G Core Router Chassis 0235A31B
HP 8802 Router Chassis JC147B
HP A8802 Router Chassis
H3C SR8802 10G Core Router Chassis 0235A0GC
HP 8805 Router Chassis JC148A
HP A8805 Router Chassis
H3C SR8805 10G Core Router Chassis 0235A31C
HP 8805 Router Chassis JC148B
HP A8805 Router Chassis
H3C SR8805 10G Core Router Chassis 0235A0G8
HP 8807 7-slot Chassis Kit JE203A
3Com 8807 Switch 7-slot Chassis Kit 3C17543
HP 8807 Kit (TAA) Switch JE204A
3Com SW8807 Kit TAA 3C17543TAA
HP 8808 Router Chassis JC149A
HP A8808 Router Chassis
H3C SR8808 10G Core Router Chassis 0235A31D
HP 8808 Router Chassis JC149B
HP A8808 Router Chassis
H3C SR8808 10G Core Router Chassis 0235A0G9
HP 8810 10-slot AC (TAA) Chassis Kit JE201A
3Com SW8810 AC Chassis Kit TAA 3C17541TAA
HP 8810 10-slot Chassis Kit JE200A
3Com 8810 Switch 10-slot Chassis Kit 3C17541
HP 8812 Router Chassis JC150A
HP A8812 Router Chassis
H3C SR8812 10G Core Router Chassis 0235A31E
HP 8812 Router Chassis JC150B
HP A8812 Router Chassis
H3C SR8812 10G Core Router Chassis 0235A0GA
HP 8814 14-slot AC (TAA) Chassis Kit JE199A
3Com SW8814 AC Chassis Kit TAA 3C17540TAA
HP 8814 14-slot Chassis Kit JE198A
3Com 8814 Switch 14-slot Chassis Kit 3C17540
HP 9500 VPN Firewall Module JD245A
H3C S9500E SecBlade VPN Firewall Module LSR1FW2A1, 0231A0AV
HP 9505 Switch Chassis JC124B
HP A9505 Switch Chassis
H3C S9505E Routing-Switch Chassis 0235A0G6
HP 9508-V Switch Chassis JC474A
H3C S9508E-V Routing-Switch Chassis 0235A38Q
HP 9508-V Switch Chassis JC474B
H3C S9508E-V Routing-Switch Chassis 0235A38Q
HP 9512 Switch Chassis JC125A
HP A9512 Switch Chassis
H3C S9512E Chassis w/ Fans 0235A38R
HP 9512 Switch Chassis JC125B
HP A9512 Switch Chassis
H3C S9512E Routing-Switch Chassis 0235A0G7
HP A3100 (LS6MCFL1UB) Ethernet Switch JE545A
H3C S3100 Ethernet Switch,LS6MCFL1UB,Sin 0231A65T
HP A3100-16 DC SI 2-slot Switch JD302A
H3C S3100-16C-SI - model LS-S3100-16C-SI-DC-OVS 0235A14V
HP A3100-16 SI with 2 External Slots Switch JD308A
H3C S3100-16C-SI - model LS-S3100-16C-SI-AC-OVS 0235A15G
HP A3100-24 DC SI 2-slot Switch JD303A
H3C S3100-26C-SI - model LS-S3100-26C-SI-DC-OVS 0235A14W
HP A3100-24 SI 2-slot Switch JD309A
H3C S3100-26C-SI - model LS-S3100-26C-SI-AC-OVS 0235A15H
HP A3100-26C-EPON-EI Switch JG059A
HP A3100-8 SI 1-slot Switch JD310A
H3C S3100-8C-SI - model LS-S3100-8C-SI-DC-OVS 0235A15J
HP A5100-16G EI Switch JD351A
H3C S5100-16P-EI - model LS-5100-16P-EI-OVS-H3 0235A21Q
HP A5100-16G SI Switch JD356A
H3C S5100-16P-SI - model LS-5100-16P-SI-OVS-H3 0235A22R
HP A5100-16G-PoE EI Switch JD353A
H3C S5100-16P-PWR-EI - model LS-5100-16P-PWR-EI-OVS 0235A22K
HP A5100-24G EI Switch JD346A
H3C S5100-24P-EI - model LS-5100-24P-EI-OVS 0235A08K
HP A5100-24G EI Switch with SFP Uplink JD344A
H3C S5100-26C-EI - model LS-5100-26C-EI-OVS 0235A08F
HP A5100-24G SI Switch JD348A
H3C S5100-24P-SI - model LS-5100-24P-SI-OVS-H3 0235A20Q
HP A5100-24G-PoE EI Switch JD354A
H3C S5100-26C-PWR-EI - model LS-5100-26C-PWR-EI-OVS 0235A22M
HP A5100-48G EI Switch JD347A
H3C S5100-48P-EI - model LS-5100-48P-EI-OVS 0235A08M
HP A5100-48G EI Switch with SFP Uplink JD345A
H3C S5100-50C-EI - model LS-5100-50C-EI-OVS 0235A08H
HP A5100-48G SI Switch JD349A
H3C S5100-48P-SI - model LS-5100-48P-SI-OVS-H3 0235A20R
HP A5100-48G-PoE EI Switch JD355A
H3C S5100-50C-PWR-EI - model LS-5100-50C-PWR-EI-OVS 0235A22P
HP A5100-8G EI Switch JD350A
H3C S5100-8P-EI - model LS-5100-8P-EI-OVS-H3 0235A21P
HP A5100-8G SI Switch JD357A
H3C S5100-8P-SI - model LS-5100-8P-SI-OVS-H3 0235A22T
HP A5100-8G-PoE EI Switch JD352A
H3C S5100-8P-PWR-EI - model LS-5100-8P-PWR-EI-OVS 0235A22H
HP A5120-24G EI Switch JE066A
H3C S5120-24P-EI 24GE Plus 4ComboSFP 0235A0BQ
HP A5120-24G EI Switch with 2 Interface Slots JE068A
H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt 0235A0BS
HP A5120-24G-PoE EI 2-slot Switch JE070A
H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE 0235A0BU
HP A5120-48G EI Switch JE067A
H3C S5120-48P-EI 48GE Plus 4ComboSFP 0235A0BR
HP A5120-48G EI Switch with 2 Interface Slots JE069A
H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt 0235A0BT
HP A5120-48G-PoE EI 2-slot Switch JE071A
H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE 0235A0BV
HP A6604 Router Bundle with RPE-X1 Modules and Power Supply JE528A
H3C SR6604 Router Bundle with RPE-X1 and Pow 0150A12B
HP A6604 Router with 2 RPE-X1 Modules JC158A
H3C RT-SR6604-OVS Plus 2 RPE-X1 Plus 2 AC-H3 0150A12C
HP A6608 Router (RT-SR6608-OVS+2 RPE-X1+2 AC-H3) Bundle JE527A
H3C RT-SR6608-OVS Plus 2 RPE-X1 Plus 2 AC-H3 0150A12A
HP A6608 Router Bundle with RPE-X1 Modules and Power Supply JE526A
H3C SR6608 Router Bundle with RPE-X1 and Pow 0150A129
HP A9508 Switch Chassis JC124A
H3C S9505E Chassis w/ Fans 0235A38P
HP A-MSR20-15 A Multi-service Router JD670A
H3C MSR 20-15 A 0235A31Q
HP A-MSR20-15 AW Multi-service Router JD671A
H3C MSR 20-15 A W 0235A31R
HP A-MSR20-15 I Multi-service Router JD672A
H3C MSR 20-15 I 0235A31N
HP A-MSR20-15 IW Multi-service Router JD667A
H3C MSR 20-15 IW 0235A31P
HP A-MSR20-21 Router JD432A
H3C MSR-20-21 Router 0235A19J
HP A-MSR20-21 Router JD663A
H3C MSR 20-21 0235A325
HP A-MSR30-20 Multi-service Router Security Bundle JF286A
H3C MSR 30-20 Router Host RTVZ33020AS, 0235A20S
HP A-MSR30-40, RT-MSR3040-AC-OVS-AS-H3 Multi-service Router JF232A
H3C RT-MSR3040-AC-OVS-AS-H3 0235A20V
HP AR 18-31E Router JD172A
H3C AR18-31E Router 0235A09T
HP E4200-24 SI Switch JE013A
3Com 4200-SI Switch 28 Port 3C17304A
HP E4200-24G Switch JE016A
3Com 4200G Switch 24-Port 3CR17661-91
HP E4200-24G-PoE Switch JE020A
3Com 4200G Switch PWR 24-Port 3CR17671-91
HP E4200-48 SI Switch JE012A
3Com 4200-SI Switch 50 Port 3C17302A
HP E4200-48G Switch JE018A
3Com 4200G Switch 48-Port 3CR17662-91
HP E4210 8-port (TAA) Switch JE023A
3Com 4210 Switch 9-Port TAA 3CR17331TAA-91
HP E4210-16-PoE Switch JE031A
3Com 4210 Switch PWR 18-Port 3CR17342-91
HP E4210-8-PoE (TAA) Switch JE030A
3Com 4210 Switch PWR 9P TAA 3CR17341TAA-91
HP E4500-24G (TAA) Switch JE058A
3Com 4500G Switch 24-Port TAA 3CR17761TAA-91
HP E4500-24G Switch JE057A
3Com 4500G Switch 24-Port 3CR17761-91
HP E4500-24G-PoE (TAA) Switch JE062A
3Com 4500G PWR Switch 24-Port TAA 3CR17771TAA-91
HP E4500-48G (TAA) Switch JE060A
3Com 4500G Switch 48-Port TAA 3CR17762TAA-91
HP E4500-48G Switch JE059A
3Com 4500G Switch 48-Port 3CR17762-91
HP E4500-48G-PoE (TAA) Switch JE064A
3Com 4500G PWR Switch 48-Port TAA 3CR17772TAA-91
HP E5500-24 EI (TAA) Switch JE102A
3Com TAA 5500-EI Switch 28-Port 3CR17161TAA-91
HP E5500-24 SI Switch JE099A
3Com SS4 5500-SI Switch 28 Port 3CR17151-91
HP E5500-24 Switch JE101A
3Com 5500-EI Switch 28-Port 3CR17161-91
HP E5500-24G (TAA) Switch JE089A
3Com TAA COMPLIANT 5500G-EI 24-Port 3CR17250TAA-91
HP E5500-24G Switch JE088A
3Com 5500G-EI Switch 24 Port 3CR17250-91
HP E5500-24G-PoE (TAA) Switch JE093A
3Com TAA COMPLIANT 5500G-EI PWR 24P 3CR17252TAA-91
HP E5500-24G-PoE Switch JE092A
3Com 5500G-EI Switch PWR 24-Port 3CR17252-91
HP E5500-24G-SFP (TAA) Switch JE097A
3Com TAA COMPLIANT 5500G-EI SFP 24P 3CR17258TAA-91
HP E5500-24G-SFP Switch JE096A
3Com 5500G-EI Switch SFP 24-Port 3CR17258-91
HP E5500-24-PoE EI (TAA) Switch JE106A
3Com TAA 5500-EI PWR Switch 28-Port 3CR17171TAA-91
HP E5500-24-PoE Switch JE105A
3Com 5500-EI PWR Switch 28-Port 3CR17171-91
HP E5500-24-SFP Switch JE109A
3Com 5500-EI Switch 28-Port FX 3CR17181-91
HP E5500-24-SPF EI (TAA) Switch JE110A
3Com TAA SWITCH 5500-EI 28-Port FX 3CR17181TAA-91
HP E5500-48 EI (TAA) Switch JE104A
3Com TAA SWITCH 5500-EI 52-Port 3CR17162TAA-91
HP E5500-48 SI Switch JE100A
3Com SS4 SWITCH 5500-SI 52 Port 3CR17152-91
HP E5500-48 Switch JE103A
3Com 5500-EI Switch 52-Port 3CR17162-91
HP E5500-48G (TAA) Switch JE091A
3Com TAA COMPLIANT 5500G-EI 48-Port 3CR17251TAA-91
HP E5500-48G Switch JE090A
3Com 5500G-EI Switch 48-Port 3CR17251-91
HP E5500-48G-PoE (TAA) Switch JE095A
3Com TAA COMPLIANT 5500G-EI PWR 48P 3CR17253TAA-91
HP E5500-48G-PoE Switch JE094A
3Com 5500G-EI PWR Switch 48-Port 3CR17253-91
HP E5500-48-PoE EI (TAA) Switch JE108A
3Com TAA 5500-EI PWR Switch 52-Port 3CR17172TAA-91
HP E5500-48-PoE Switch JE107A
3Com 5500-EI PWR Switch 52-Port 3CR17172-91
HP E7902 Switch Chassis JE164A
3Com S7902E Chassis Kit w/ fans 3CS7902E
HP E7903 1 Fabric Slot Switch Chassis JE166A
3Com S7903E-S Chassis Kit w/ fans 3CS7903ES
HP E7903 Switch Chassis JE165A
3Com S7903E Chassis Kit w/ fans 3CS7903E
HP E7906 Switch Chassis JE167A
3Com S7906E Chassis Kit w/ fans 3CS7906E
HP E7906 Vertical Switch Chassis JE168A
3Com S7906E-V Chassis Kit w/ fans 3CS7906EV
HP F1000-E VPN Firewall Appliance JD272A
H3C F1000-E VPN Firewall 0235A26G
HP F1000-EI VPN Firewall Appliance JG214A
HP F1000-S-EI VPN Firewall Appliance JG213A
HP F5000 Firewall Main Processing Unit JG215A
HP MSR 50-40 Router JD655A
H3C MSR 50-40 Chassis 0235A20N
HP MSR20-10 Router JD431A
H3C MSR 20-10 0235A0A7
HP MSR20-11 Router JD673A
H3C MSR 20-11 0235A31V
HP MSR20-11 Router JF239A
H3C RT-MSR2011-AC-OVS-H3 0235A395
HP MSR20-12 Router JD674A
H3C MSR 20-12 0235A32E
HP MSR20-12 Router JF241A
H3C RT-MSR2012-AC-OVS-H3 0235A396
HP MSR20-12-T Router JD676A
H3C MSR 20-12 T1 0235A32B
HP MSR20-12-T Router JF806A
H3C RT-MSR2012-T-AC-OVS-H3 0235A398
HP MSR20-12-T-W Router (NA) JG209A
HP MSR20-12-W Router JD675A
H3C MSR20-12 W 0235A32G
HP MSR20-12-W Router JF807A
H3C RT-MSR2012-AC-OVS-W-H3 0235A397
HP MSR20-13 Router JD668A
H3C MSR 20-13 0235A31W
HP MSR20-13 Router JF240A
H3C RT-MSR2013-AC-OVS-H3 0235A390
HP MSR20-13-W Router JD669A
H3C MSR 20-13 W 0235A31X
HP MSR20-13-W Router JF808A
H3C RT-MSR2013-AC-OVS-W-H3 0235A391
HP MSR20-13-W Router (NA) JG210A
HP MSR20-15 Router JF817A
H3C MSR 20-15 Router Host (AC), 1 FE, 4 LSW, 1 ADSLoPOTS, 1 DSIC 0235A0A8
HP MSR20-15-A Router JF237A
H3C RT-MSR2015-AC-OVS-A-H3 0235A392
HP MSR20-15-A-W Router JF809A
H3C RT-MSR2015-AC-OVS-IW-H3 0235A38V
HP MSR20-15-I Router JF236A
H3C RT-MSR2015-AC-OVS-I-H3 0235A394
HP MSR20-15-I-W Router JF238A
H3C RT-MSR2015-AC-OVS-AW-H3 0235A393
HP MSR20-20 Router JD662A
HP A-MSR20-20 Router
H3C MSR 20-20 0235A19H
HP MSR20-20 Router JF283A
H3C RT-MSR2020-AC-OVS-H3C 0235A324
HP MSR20-21 Router JD663B
HP MSR20-40 Router JD664A
H3C MSR 20-40 0235A19K
HP MSR20-40 Router JF228A
H3C RT-MSR2040-AC-OVS-H3 0235A326
HP MSR30-10 DC Router JG184A
HP MSR30-10 Router JF816A
H3C MSR 30-10 Router Host (AC), 2FE, 2SIC, 1XMIM, 256DDR 0235A39H
HP MSR30-11 Router JF800A
H3C RT-MSR3011-AC-OVS-H3 0235A29L
HP MSR30-11E Router JG182A
HP MSR30-11F Router JG183A
HP MSR30-16 PoE Router JD659A
H3C MSR 30-16 POE 0235A238
HP MSR30-16 PoE Router JF234A
H3C RT-MSR3016-AC-POE-OVS-H3 0235A321
HP MSR30-16 Router JD665A
H3C MSR 30-16 0235A237
HP MSR30-16 Router JF233A
H3C RT-MSR3016-AC-OVS-H3 0235A327
HP MSR30-16 Router with VCX and 4-port FXO and 2-port FXS Modules JD025A
HP A-MSR30-16 Router with VCX and 4-port FXO and 2-port FXS Modules
3Com MSR 3016 VCX CPM 4FXO/2FXS Bundle 3CRBVCXMSR03A
HP MSR30-16 Router with VCX Enterprise Branch Communications MIM Module JD024A
HP A-MSR30-16 Router with VCX Ent MIM Module
3Com MSR 3016 VCX Ent MIM Bundle 3CRBVCXMSR02A
HP MSR30-20 DC Router JF235A
H3C RT-MSR3020-DC-OVS-H3 0235A267
HP MSR30-20 PoE Router JD660A
H3C MSR 30-20 POE 0235A239
HP MSR30-20 PoE Router JF802A
H3C RT-MSR3020-AC-POE-OVS-H3 0235A322
HP MSR30-20 Router JD666A
H3C MSR 30-20 0235A19L
HP MSR30-20 Router JF284A
H3C MSR 30-20 Router 0235A328
HP MSR30-40 DC Router JF287A
H3C MSR 30-40 Router Host (DC) 0235A268
HP MSR30-40 PoE Router JD661A
H3C MSR 30-40 POE 0235A25R
HP MSR30-40 PoE Router JF803A
H3C RT-MSR3040-AC-POE-OVS-H3 0235A323
HP MSR30-40 Router JD657A
H3C MSR 30-40 0235A20J
HP MSR30-40 Router JF229A
H3C RT-MSR3040-AC-OVS-H 0235A299
HP MSR30-40 Router with VCX and 8-port BRI and 4-port FXS Modules JD027A
3Com MSR 3040 VCX CPM 8BRI/4FXS Bundle 3CRBVCXMSR06A
HP MSR30-40 Router with VCX and 8-port FXO and 4-port FXS Modules JD026A
3Com MSR 3040 VCX CPM 8FXO/4FXS Bundle 3CRBVCXMSR05A
HP MSR30-40 Router with VCX and E1 and 4-port BRI and 4-port FXS Modules JD029A
HP A-MSR30-40 Router with VCX and E1 and 4-port BRI and 4-port FXS Modules
3Com MSR 3040 VCX CPM E1/4BRI/4FXS Bundle 3CRBVCXMSR08A
HP MSR30-40 Router with VCX and T1 and 4-port FX0 and 4-port FXS Modules JD028A
HP A-MSR30-40 Router with VCX and T1 and 4-port FX0 and 4-port FXS Modules
3Com MSR 3040 VCX CPM T1/4FXO/4FXS Bundle 3CRBVCXMSR07A
HP MSR30-40 Router with VCX MIM Module JD023A
3Com MSR 3040 VCX Ent MIM Bundle 3CRBVCXMSR01A
HP MSR30-60 DC Router JF801A
H3C RT-MSR3060-DC-OVS-H3 0235A269
HP MSR30-60 PoE Router JD654A
H3C MSR 30-60 POE 0235A25S
HP MSR30-60 PoE Router JF804A
H3C RT-MSR3060-AC-POE-OVS-H3 0235A296
HP MSR30-60 Router JD658A
H3C MSR 30-60 0235A20K
HP MSR30-60 Router JF230A
H3C RT-MSR3060-AC-OVS-H3 0235A320
HP MSR50-40 DC Router JF285A
HP A-MSR50-40 DC Router Chassis
H3C MSR5040-DC-OVS-H3C 0235A20P
HP MSR50-40 Router JD433A
H3C MSR 50-40 Router 0235A297
HP MSR50-60 Router JD656A
H3C MSR 50-60 Chassis 0235A20L
HP MSR50-60 Router JF231A
H3C RT-MSR5060-AC-OVS-H3 0235A298
HP MSR50-60 Router Chassis with DC Power Supply JF640A
HP MSR900 2-port FE WAN / 4 -port FE LAN Router JF812A
H3C MSR 900 Router, 2 FE WAN, 4 FE LAN, 256DDR 0235A0BX
HP MSR900-W Router JF814A
H3C MSR 900 Router with 802.11b/g, 2 FE WAN, 4 FE LAN, 256DDR, 802.11b 0235A0C2
HP MSR900-W Router (NA) JG207A
HP MSR920 2-port FE WAN / 8-port FE LAN / 802.11b/g Router JF815A
H3C MSR 920 Router with 802.11b/g, 2 FE WAN, 8 FE LAN, 256DDR 0235A0C4
HP MSR920 Router JF813A
H3C MSR 920 Router, 2 FE WAN, 8 FE LAN, 256DDR 0235A0C0
HP MSR920-W Router (NA) JG208A
HP 6040 Router Chassis JD967A
3Com 6040 Router Chassis 3C13840
HP 6080 Router Chassis JD972A
3Com 6080 Router Chassis 3C13880
HP S5600-26C Ethernet Switch JD393A
H3C S5600-26C Ethernet Switch 0235A11F
HP S5600-26C-PoE Ethernet Switch JD394A
H3C S5600-26C-PWR Ethernet Switch 0235A11G
HP S5600-26F Ethernet Switch JD395A
H3C S5600-26F Ethernet Switch 0235A11H
HP S5600-50C Ethernet Switch JD391A
H3C S5600-50C Ethernet Switch 0235A11D
HP S5600-50C PoE Ethernet Switch JD392A
H3C S5600-50C-PWR Ethernet Switch 0235A11E
HP S9502 (LS-9502-OVS-H3) Routing Switch Chassis JE551A
H3C LS-9502-OVS-H3 0235A21X
HP S9505 Routing Switch Chassis JC055A
H3C S9505 Routing Switch Chassis 0235A17A
HP S9508 Routing Switch Chassis JC054A
H3C S9508 Routing Switch Chassis 0235A16T
HP S9512 Routing Switch Chassis JC056A
H3C S9512 Routing Switch Chassis 0235A17B
HP U200-A UTM Appliance JD275A
HP A-U200-A Unified Threat Management Appliance
H3C SecPath U200-A 0235A36Q
HP U200-S UTM Appliance JD273A
HP A-U200-S Unified Threat Management Appliance
H3C SecPath U200-S 0235A36N
HP WX5002 Access Controller JD447A
H3C WX5002 Access Controller 0235A34B
HP WX5002 Access Controller JD447B
HP A-WX5002 Access Controller
H3C WX5002 Access Controller 0235A34B
HP WX5002 Access Controller JD468A
3Com WX 5002 Access Controller 3CRUWX500275
HP WX5004 Access Controller JD448A
HP A-WX5004 Access Controller
H3C WX5004 Access Controller 0235A35J
HP WX5004 Access Controller JD448B
HP A-WX5004 Access Controller
H3C WX5004 4-Port 1000BASE-X/1000BASE-T (Combo) Access Controller 0235A0GD
HP WX5004 Access Controller JD469A
3Com WX 5004 Access Controller 3CRUWX500475
HP WX6103 Access Controller Support up to 128 Access Points JF247A
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-3268 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Kurt Grutzmacher (grutz@jingojango.net) and CERT/CC for reporting these vulnerabilities to security-alert@hp.com
RESOLUTION
If your product is listed as vulnerable, a software update to address this issue may be available for download.
Using a web browser, go to http://www.hp.com/networking/support .
Enter the product number or product description into Auto Search.
Select the displayed result and click ' Display selected '.
Click Software Downloads from the list of choices provided below.
There is a section called ' Early Availability ' which will contain software that addresses this issue. The descriptive text of the software should indicate SSRT100920 as a further indication that the software addresses this issue. There are important considerations about using Early Availability software:
Early Availability software is recommended for use in:
Lab testing prior to upgrading a production network
Evaluation of new features prior to general deployment
Evaluation with specific applications prior to wider deployment
Please evaluate this software thoroughly prior to deployment in a production environment.
If your product is listed as vulnerable and software is not available via the process outlined previously, you may contact HP Networking support directly by going to this URL: https://h10145.www1.hp.com/help/Help_ContactInfo.aspx?cwp=2&SelectedTab=2 and clicking on your location to get the technical support telephone number. There are other support options such as Electronic Case submission available.
If your product is listed as vulnerable and a software update is not yet available, HP is currently working to address these vulnerabilities with a new software update. This Security Bulletin will be revised when the software update is available. Prior to the update being made available and you have an impacted product, the following mitigations are recommended:
Moving to SNMPv3 with authentication and privacy for all network management applications.
Using SNMPv3s VACM to block access to the H3C-USER-MIB for SNMPv1/v2c users.
Here is an example configuration using the snmp-agent command:
snmp-agent mib-view include readView iso snmp-agent mib-view exclude readView hh3cUserPassword snmp-agent mib-view include writeView iso snmp-agent mib-view exclude writeView hh3cUserPassword snmp-agent mib-view include notifyView iso snmp-agent group v1 testV1ReadGroup read-view readView snmp-agent usm-user v1 testV1ReadUser testV1ReadGroup snmp-agent group v1 testV1WriteGroup read-view readView write-view writeView notify-view notifyView snmp-agent usm-user v1 testV1WriteUser testV1WriteGroup snmp-agent community read testV1ReadUser mib-view readView snmp-agent community write testV1WriteUser mib-view writeView You may also further control SNMP MIB access using an ACL. For v1/2 snmp-agent community write testV1WriteUser mib-view writeView acl snmp-agent community read testV1ReadUser mib-view readView acl For v3 snmp-agent group v3 testV3Group privacy read-view readView write-view writeView acl snmp-agent usm-user v3 testV3User testV3Group authentication-mode sha privacy-mode aes128
Configure SNMP community strings with ACLs to limit access to SNMP to just network management workstation(s).
Here is an example configuration:
acl number 2001 rule 1 permit source 192.168.100.0 0.0.0.255 rule 1 permit source 192.168.100.1 0 acl number 2002 rule 1 permit source 192.168.100.1 0
snmp-agent community read READONLY acl 2001 snmp-agent community write READONLY acl 2002
Disable all local user administrative accounts and use RADIUS or TACACS+ authentication instead.
Disable SNMP.
Regarding secure use of switch or router configuration information:
Avoid using plaintext protocols such as TFTP or FTP to transfer configuration files that contain local user accounts.
Control user privileges on displaying any configuration information or displaying the content of a configuration file. For example, display current-configuration or more '.
HISTORY Version:1 (rev.1) - 22 October 2012 Initial release Version:2 (rev.2) - 25 October 2012 Updated product list and the summary section.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlCJl+QACgkQ4B86/C0qfVl9cgCcDoJkIjTWzBdeJdAdOimzRNg7 YJgAoPmQ5ycXX07g21tV9nvSaLLvPPE5 =cmPB -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jd373a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc101a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a17b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc125b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf247a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cs7906e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a21x",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg183a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a26g",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a21p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je071a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd317a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17771taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf808a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je110a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd318a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf233a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17342-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je068a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a29l",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cs7902e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd010a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10f",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je527a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je023a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd655a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr06a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd369a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17161taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je526a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr02a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a21q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a27s",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je030a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd023a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd658a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg182a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17161-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17540taa",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs42g-48-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg242a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc086a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne40e\\\u002680e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "0235a20v",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13613",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0br",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je167a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17762taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf800a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17572-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd449a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0gf",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a321",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg214a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17341-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15j",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc496a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc748a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a393",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je027a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je102a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd333a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je013a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g5",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a238",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17771-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc666a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17171taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je021a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a761",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13612",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17171-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a392",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd352a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd320a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd943a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je048a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a08f",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a27d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg092a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc149b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd370a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf803a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf804a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc700a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g1",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17253-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17254-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17181taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs42g-24-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31x",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a14v",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc699a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a42d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg256a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd309a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg238a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13759",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg312a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd347a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a23h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je100a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd307a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je031a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc691a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je022a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17259-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je057a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a397",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je029a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd274a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd331a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd313b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd657a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je005a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd335a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je063a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd344a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd656a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd193b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22k",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je067a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf640a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17662-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd306a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd243b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd310a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg348a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je012a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g9",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je070a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17341a-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je101a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg248a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0bt",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a65t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf230a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg311a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd303a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a395",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc147b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc176a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd667a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "0235a36n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg254a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd320b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd468a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg302a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g3",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0e3",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbsg5293",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg255a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd946a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbsg2093",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a37u",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd935a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je106a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd376a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0bs",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r002"
},
{
"model": "je204a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0c2",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf806a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0e5",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc103a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g4",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0gd",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd272a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jr024a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf228a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a298",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd662a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13751",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc099a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd325a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd375a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0bx",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a390",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20k",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je092a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a29y",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je007a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "me60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "jf845a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg350a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je104a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd220a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd250a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf427a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf815a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0150a12a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd249a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a36q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17250-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg300a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a37x",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne40\\\u002680",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r005"
},
{
"model": "ma5200g",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r003"
},
{
"model": "je528a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a39h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17541",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17331a-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf430a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a325",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je099a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg349a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc124b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17772-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13840",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0ge",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13616",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a17a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc055a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19l",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd379a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd238a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17152-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10k",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a268",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235aa2m",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf239a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc085a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a326",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd665a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38m",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf242a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a88l",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je168a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc148b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17343a-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg304a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd672a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je094a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je107a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf241a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17341taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a86p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "jd669a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd654a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd450a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd311a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13636",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne40e\\\u002680e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "0235a0ga",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0gc",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a08k",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10l",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd025a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc054a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf431c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf817a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg215a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17772taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0150a129",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf847a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je020a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg299a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je088a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a398",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs48g-24s-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr01a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "juc653a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc698a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd011a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je551a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc694a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10g",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "lsq1fwbsc0",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je061a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd660a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17660-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd239b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je033a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd447b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc147a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg478a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "rpe-x1",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg223a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf231a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a300",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je064a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc177a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd378a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jr430b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd334a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g7",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd241a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13640",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc165a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg247a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd346a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd029a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd923a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd972a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0bq",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf238a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g8",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je201a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg303a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd242b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg213a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je545a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc150a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd351a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd312a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd377a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17258-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je091a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je200a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a267",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17541taa",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg249a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je096a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf809a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je199a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg253a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd371a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf807a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cs7906ev",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbsg28hpwr93",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je093a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a35j",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs48g-24-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd328a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd337a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17761-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je009a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17331taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg209a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc635a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf431a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je073a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd448b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd354a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a27q",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je072a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd921a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf802a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a14w",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs48g-24p-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd332a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd666a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0e7",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17562-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17250taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17561-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf814a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a33r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne40e\\\u002680e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r001"
},
{
"model": "jd027a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf236a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0c0",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je109a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je045a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20s",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg246a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd663b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a0av",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a23p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc149a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd242a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd268a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17162-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd338a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf430c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg252a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg241a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "me60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r005c00spc600"
},
{
"model": "3crbvcxmsr08a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je018a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "rtvz33020as",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17258taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31v",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne20e-x6",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "jd024a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a237",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd671a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr07a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a41d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd315a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc056a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf286a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg225a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17671-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd314a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "me60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r003"
},
{
"model": "je008a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17172-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr05a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd917a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd349a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20j",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd668a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd922a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31w",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd918a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cruwx500475",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd345a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg059a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a394",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je089a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je198a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15g",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a32b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf237a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17302a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc150b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc178b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf235a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd673a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17162taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0a8",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je026a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc125a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd241b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a27r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a296",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0a7",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r005"
},
{
"model": "jf816a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17334-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf551a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg258a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg236a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0c4",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd661a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17762-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc148a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd239a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd305a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf552a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd350a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g6",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd330a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je105a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je069a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je164a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd313a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf285a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd319a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a32e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15f",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbsg28pwr93",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd302a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a322",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a323",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc612a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf801a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a25s",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je028a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf232a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17253taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc177b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg301a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd675a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17181-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc613a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd432a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd193a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd469a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd431a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc100a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je103a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd348a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cs7903es",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc105a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf284a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg237a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a23t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg251a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf813a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "lsr1fw2a1",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je032a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc611a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd240b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je074a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17332-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc178a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17251taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd356a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf428a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd374a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg208a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd355a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cs7903e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd916a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a324",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg307a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs45g-48-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je095a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd357a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a32g",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf846a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a15c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a37t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a301",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd674a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd275a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a396",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd670a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf287a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne40e\\\u002680e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "3cr17331-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg207a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd433a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd240a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je015a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je165a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd273a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd663a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd194a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a25n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a248",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17343-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17251-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd676a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0as",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a16t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd967a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbvcxmsr03a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je166a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a34b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a391",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd243a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd007a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je046a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg245a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17661-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17543taa",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "atn",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c01"
},
{
"model": "3crs48g-48-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17543",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs45g-24-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd444a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0e6",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd327a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf240a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a327",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "me60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r006"
},
{
"model": "jd372a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0150a12b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a832",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g0",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a269",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc701a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jr431b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17172taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd659a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg305a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cruwx500275",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0ct",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17333a-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je060a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg315a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a09t",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a10j",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg210a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je059a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je108a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg240a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17304a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a328",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a320",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17571-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd251a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0bu",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd664a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je058a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je025a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd028a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17761taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc652a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "me60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r005"
},
{
"model": "jg091a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "-ma5200g",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r003"
},
{
"model": "je006a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf844a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je097a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "lsq1srpd0",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd329a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf234a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a32x",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc653a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf283a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "cx600",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r002"
},
{
"model": "jg250a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc474b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je066a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je016a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13701",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd319b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd353a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a42b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf812a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd326a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19k",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20p",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a25r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf229a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd304a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17332a-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a20l",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne5000e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v800r003"
},
{
"model": "0235a08h",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc697a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c13641",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je203a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd172a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd009a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd447a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd448a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg239a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3c17540",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0231a88a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a0g2",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne5000e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v800r002"
},
{
"model": "jd318b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg221a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc474a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38r",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a19j",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a297",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a31n",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc104a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd316a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd245a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg184a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd336a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ne5000e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v300r007"
},
{
"model": "0235a08m",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je062a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs48g-48p-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jf553a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg257a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "atb",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v200r001c00"
},
{
"model": "3cr17333-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd026a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a38v",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd308a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22e",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a299",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jg222a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17151-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crs42g-24p-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc566a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0150a12c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3cr17252taa-91",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd008a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "3crbsg2893",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jc158a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a29a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "0235a22f",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "jd238b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "je090a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "h3c s3100 series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s3100 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c s3600 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c s5100 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "switch family",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "4200"
},
{
"model": "switch family",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "4500"
},
{
"model": "switch family",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "5500"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "8800"
},
{
"model": "h3c msr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "20"
},
{
"model": "h3c msr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "30"
},
{
"model": "h3c msr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "50"
},
{
"model": "h3c msr series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "900"
},
{
"model": "h3c s12500 series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s5120-ei series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s5120-si series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s5500-ei series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s5500-si series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s5800 series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s7500e series switches",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c s9500e core routing switch",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c secpath f1000-e",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c secpath u200 series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c sr6600 series routers",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c sr8800 series routers",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c wx3000 series integrated switch",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "h3c wx5000 series access controllers",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "10500"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "12500"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1910"
},
{
"model": "unified threat management appliance series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "200"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3100"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3100"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3600"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3600"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3610"
},
{
"model": "4200g switch series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4210"
},
{
"model": "4210g switch series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "4500g switch series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "4800g switch series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5120"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5120"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5500"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5500"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5500"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5800"
},
{
"model": "router series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6600"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "7500"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "8800"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "9500"
},
{
"model": "firewall series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "msr20 series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "msr30 series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "msr50 series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "msr900 series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "wx5000 access controller series",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "5500-24g si switch",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jd369a"
},
{
"model": "5500-48g-poe\\+ si switch with 2 interface slots",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jg239a"
},
{
"model": "msr20-20 router",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jd662a"
},
{
"model": "s3610-28tp-model ls-3610-28tp-ovs",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "0235a22e"
},
{
"model": "5500-48g ei switch",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jd375a"
},
{
"model": "5500-24g ei taa-compliant switch with 2 interface slots",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jg250a"
},
{
"model": "4500 switch 50-port",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "3cr17562-91"
},
{
"model": "s3610-52p-model ls-3610-52p-ovs",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "0235a22c"
},
{
"model": "5500-48g ei taa-compliant switch with 2 interface slots",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jg251a"
},
{
"model": "8802 router chassis",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "jc147a"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17161-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg091a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd249a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc613a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc611a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc612a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc748a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc635a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc652a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc086a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf431a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf431c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jr431b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc653a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:juc653a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc085a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf430a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf430c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jr430b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je005a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je008a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je007a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je006a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je009a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg350a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg349a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg348a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd268a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd274a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd450a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd449a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd444a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13612:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd916a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13613:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd917a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13616:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd918a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13636:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd921a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd922a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13641:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd923a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd312a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd314a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd319a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd305a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd319b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg222a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd313a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd313b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd315a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd320a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd306a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd320b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg223a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd317a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg315a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd311a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd316a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd318a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd304a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd307a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd318b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg221a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg301a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd326a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd325a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd334a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg303a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd331a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd330a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd329a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg299a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg304a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg302a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg307a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd328a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd327a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd333a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd332a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg300a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg305a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd337a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd336a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd338a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd335a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je015a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17304a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17302a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17660-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17661-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17662-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17671-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je025a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jr024a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je032a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je033a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je026a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf427a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf846a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs42g-24-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf844a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je027a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs42g-48-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf845a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je028a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je029a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je021a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je022a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17343a-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17341-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17341a-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17332-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17333-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17333a-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17334-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17331-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17331a-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17331taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17342-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17343-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17341taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je045a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je061a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je048a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je046a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je063a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17571-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17572-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17561-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17562-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17771-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17771taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17772-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17772taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17761-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17761taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17762-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17762taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf847a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf428a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs45g-48-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd008a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd009a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd007a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd011a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd010a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs48g-24p-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs48g-48p-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs48g-24-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs48g-24s-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs48g-48-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13701:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd935a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je073a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg092a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg236a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg247a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg245a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je074a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg237a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg248a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg246a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je072a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13751:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd943a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg311a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg241a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg252a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg238a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd378a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd371a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd379a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd374a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg249a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd373a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd377a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg250a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd369a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg312a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg240a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg253a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg239a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd376a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd372a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd375a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg251a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd370a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17171-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17172-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17181-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17162-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf551a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf553a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf552a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17253-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17250-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17251-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17258-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13759:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd946a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg254a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc099a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc103a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg256a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc100a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg255a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg257a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg242a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc104a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc105a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc101a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg258a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg225a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf242a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg478a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc691a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc694a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c13840:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd967a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd972a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd250a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc165a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc566a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc176a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc178a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc178b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc177a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc177b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc496a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd194a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd193a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd193b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc700a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc699a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd220a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc701a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd242a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd242b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc697a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc666a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc698a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd240a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd240b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd243a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd243b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd239a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd239b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd241a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd241b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd238a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd238b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd251a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc147a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc147b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc148a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc148b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je203a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je204a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17543:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc149a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc149b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je201a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je200a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17541:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc150a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc150b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je199a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je198a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd245a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc124b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc474a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc474b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc125a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc125b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd670a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd671a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd672a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd667a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd432a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd663a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf286a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf232a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd302a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd308a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd303a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd309a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg059a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd310a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je545a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd353a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd351a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd356a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd354a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd346a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd344a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd348a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd355a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd347a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd345a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd349a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd352a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd350a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd357a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je070a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je066a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je068a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je071a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je067a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je069a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je528a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc158a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je527a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je526a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a27q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a09t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd172a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbsg5293:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbsg2093:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbsg2893:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbsg28hpwr93:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbsg28pwr93:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je013a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je020a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je016a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je012a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je018a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je031a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je030a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je023a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je062a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je058a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je057a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je064a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je060a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je059a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je106a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je105a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je109a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je110a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je102a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je099a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je101a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je093a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je092a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je097a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je096a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je089a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je088a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je108a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je107a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je104a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je100a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je103a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je095a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je094a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je091a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je090a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je164a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je166a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je165a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je167a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je168a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd272a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a26g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg214a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg213a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg215a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a21x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19j:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd431a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd673a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf239a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg209a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd676a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf806a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd675a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf807a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd674a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf241a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a32g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd669a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf808a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg210a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd668a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf240a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf809a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf237a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf238a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf236a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf817a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd662a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf283a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd663b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd664a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf228a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg184a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf816a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf800a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg182a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg183a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd659a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf234a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd665a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf233a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd025a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd024a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf235a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd660a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf802a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd666a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf284a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd661a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf803a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd657a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf229a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd027a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd026a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd029a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd028a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf801a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd654a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf804a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd658a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf230a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf285a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd433a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd656a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf231a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf640a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf814a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg207a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf812a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jg208a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf815a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf813a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0a7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a32e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a32b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0a8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a325:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a39h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a237:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a238:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a328:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:rtvz33020as:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20j:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a25r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a268:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a25s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr03a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr02a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr06a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr05a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr08a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr07a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crbvcxmsr01a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a297:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd655a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0bx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0c2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0c0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0c4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf287a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd023a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a395:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a396:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a397:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a398:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a390:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a391:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a392:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a393:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a394:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a324:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a326:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a29l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a327:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a321:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a322:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a267:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a299:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a323:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a296:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a269:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a298:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a761:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:rpe-x1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a37x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0150a12c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a32x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0150a12a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0ge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0e6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0gf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0e7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a14v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a23h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a14w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a301:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a23p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a248:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15j:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a15b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a29y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a23t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a19b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a65t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10j:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a10d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a21q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a08k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a08f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235aa2m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a08m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a20r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a08h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a21p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a22t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a42b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0bq:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0bs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0bu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0e5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0e3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a42d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0br:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0bt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a832:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:lsq1fwbsc0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a29a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a33r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a27r:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a27s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a86p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:lsq1srpd0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a25n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cs7902e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cs7903es:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cs7903e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cs7906ev:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cs7906e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a0av:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:lsr1fw2a1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:je551a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a17a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc055a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a16t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc054a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a38q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a17b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jc056a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a36q:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0ct:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a36n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a27d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0150a12b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0150a129:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a41d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a88a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0gc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g8:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0g9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0ga:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a31e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0231a88l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17151-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17259-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17254-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17152-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17543taa:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17541taa:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3c17540taa:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17332a-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs42g-24p-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3crs45g-24-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17171taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17172taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17161taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17250taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17251taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17252taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17253taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17258taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17181taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cr17162taa-91:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd275a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd273a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0as:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a37u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a37t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a34b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd447a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd447b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd468a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a0gd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:0235a35j:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd448a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd448b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jd469a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:jf247a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cruwx500275:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:3cruwx500475:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne20e-x6:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne5000e:v800r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\\u002680e:v600r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r005c00spc600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:atn:v200r001c01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:-ma5200g:v300r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40\\\u002680:v300r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\\u002680e:v600r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne20:v200r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:atb:v200r001c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v200r002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\\u002680e:v300r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne40e\\\u002680e:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v100r006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v100r005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne5000e:v800r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:me60:v600r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:cx600:v600r001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ma5200g:v200r003:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:ne5000e:v300r007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3268"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kurt Grutzmacher and CERT/CC.",
"sources": [
{
"db": "BID",
"id": "56183"
}
],
"trust": 0.3
},
"cve": "CVE-2012-3268",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "MEDIUM-HIGH",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.7,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 8.6,
"id": "CVE-2012-3268",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.5,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-3268",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-56549",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-3268",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-3268",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-540",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-56549",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community. HP/H3C Made and Huawei There are vulnerabilities in network devices that lack access restrictions. HP/H3C Made and Huawei Network devices SNMP There is a problem with request processing and there is a vulnerability with insufficient access restrictions.A remote attacker may gain access to the management functions of the product. Multiple HP products have security vulnerabilities that allow attackers to exploit vulnerabilities to obtain sensitive information. No detailed vulnerability details are currently available. Hewlett-Packard (HP) is the world\u0027s leading high-tech provider, providing a full range of products such as notebooks, desktop computers, and workstations. The vulnerability is caused by the program not implementing access control correctly as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0. Through SNMP requests with read-only communities, remote authentication attackers exploit this vulnerability to discover credentials in UserInfoEntry values. \n\n\nIdentifiers\n- -----------\n\n US-CERT VU#225404\n CVE-2012-3268\n\n\nVendor release\n- --------------\n\n HP/H3C:\nhttps://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03515685\u0026ac.admitted=1350939600802.876444892.492883150\n\n Huawei: In the works\n\n\nResearcher\n- ----------\n\n Kurt Grutzmacher\n grutz \u003cat\u003e jingojango dot net\n http://grutztopia.jingojango.net/\n twitter: @grutz\n\n\nDetails\n- -------\n\nHuawei/H3C have two OIDs, \u0027old\u0027 and \u0027new\u0027:\n\n old: 1.3.6.1.4.1.2011.10\n new: 1.3.6.1.4.1.25506\n\nMost devices support both formats. \n\nThe MIBs h3c-user.mib and hh3c-user.mib, for the purpose of this\ndocument, will be referred to as (h)h3c-user.mib. This MIB defines the\ninternal table and objects to \"Manage configuration and Monitor running\nstate for userlog feature.\"\n\nThis means there are some cool objects with data in this MIB penetration\ntesters or malicious actors would want to get their dirty little hands\non. Most objects are only accessible with the read/write community string. \n\nIn the revision history of (h)h3c-user.mib, version 2.0 modified the\nMAX-ACCESS from read-only to read-create the following objects within\nthe (h)h3cUserInfoEntry sequence:\n\n (h)h3cUserName\n (h)h3cUserPassword\n (h)h3cAuthMode\n (h)h3cUserLevel\n\nThe purpose of these objects are to provide the locally configured users\nto those with a valid SNMP community. After the change only those with\nthe read-write community string should have access, however this was not\nthe case and the code still retained the earlier access of read-only. \n\nSo if you have the SNMP public community string then you have the\nability to view these entries. \n\n\nWhy this is impactful\n- ---------------------\n\nThe (h)h3cUserPassword is presented in one of three formats as defined\nin the (h)h3cAuthMode object and mirrors how passwords are stored in the\ndevice configuration:\n\n 0 -- password simple, meaning cleartext\n 7 -- password cipher, meaning ciphertext\n 9 -- password sha-256, meaning one-way sha-256 hash\n\nSHA-256 is a recent addition and is not supported on all devices yet. \n\n\nGlobbing some users\n- -------------------\n\nYou must have an SNMP read-only or read-write string and access to the\nSNMP port (udp/161) for this to work:\n\n $ snmpwalk ?c public ?v 1 $IP 1.3.6.1.4.1.2011.10.2.12.1.1.1\n\nor\n\n $ snmpwalk ?c public ?v 1 $IP 1.3.6.1.4.1.25506.2.12.1.1.1\n\n\nWeaponizing\n- -----------\n\nFiles relevant to this disclosure:\n\n hh3c-localuser-enum.rb - Metasploit auxiliary scanner module\n snmp-h3c-login.nse - Nmap Scripting Engine module\n\nThese will soon be posted to https://github.com/grutz/h3c-pt-tools and\nrequested to be added to each tool. \n\n\nMitigation\n- ----------\n\nBy itself this is already bad but most users who do any of the following\nmay already be protected:\n\n 1. Use complex SNMP community strings or disable SNMPv1\n 2. Have disabled the mib entries for (h)h3c-user\n 3. Do not define local users, use RADIUS or TACACS+\n\nMore specific routines can be found in the vendor\u0027s release. \n\n\nWhy this is a bigger problem\n- ----------------------------\n\nPeople make poor choices. They like to think their equipment won\u0027t rat\nthem out so they use cleartext passwords on networking equipment. \n\nThe cipher is an interesting one because it\u0027s basically an unknown... \nWhat, you think the only thing I had to share at Toorcon was SNMP and\nsome cleartext credentials?\n\n\nTimeline\n- --------\n\nJune-ish 2012: Research begins after seeing something cool on a\npenetration test\n\nAugust 6, 2012: Contacted US-CERT to coordinate vendor disclosure, VU#225404\n\nSeptember 5, 2012: No response from H3C, contacted US-CERT again\n\nSeptember 6, 2012: H3C (through US-CERT) requests more time, I state\nintention to present findings at Toorcon (Oct 19/20, 2012) or disclose\nif talk not accepted. \n\nSeptember 18, 2012: Approved for Toorcon! Information goes up not long\nafter on Toorcon website. \n\nSeptember 18-October 16, 2012: Build slides, work on tools, no contact\nwith US-CERT or vendors. \n\nOctober 16, 2012: HP contacts me directly asking that I not present this\ninformation at Toorcon\n\nOctober 18, 2012: Publicly state agreement to cancel the Toorcon talk\n\nOctober 22, 2012: HP discloses! What what? Why bother putting any\npressure not to give the talk if you\u0027re gonna give everything out 2 days\nlater?\n\nOctober 23, 2012: So I publish. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03515685\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03515685\nVersion: 2\n\nHPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers \u0026 Switches, Remote\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2012-10-25\nLast Updated: 2012-10-25\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP, 3COM, and\nH3C routers and switches. The vulnerabilities could be remotely exploited\nresulting in disclosure of information. \n\nFor more information, refer to CERT VU#225404 on the CERT website. \n\nReferences: SSRT100962, CVE-2012-3268, CERT VU#225404\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nVendor\n Product Name\n Product Number\n\nHP\n 10500/7500 Advanced VPN Firewall Module\n JD249A\n\nH3C\n S7500E SecBlade VPN Firewall Module\n 0231A832, LSQ1FWBSC0\n\nHP\n 10504 Switch Chassis\n JC613A\n\nHP\n 10508 Switch Chassis\n JC612A\n\nHP\n 10508-V Switch Chassis\n JC611A\n\nHP\n 10512 Switch Chassis\n JC748A\n\nHP\n 12500 VPN Firewall Module\n JC635A\n\nHP\n 12508 DC Switch Chassis\n JC652A\n\nHP\n 12508 Switch Chassis\n JC086A\n\nH3C\n S12508 Chassis\n 0235A38N\n\nHP\n 12508 Switch Chassis\n JF431A\n\nHP\n A12508 Switch Chassis\n\nH3C\n S12508 Chassis\n 0235A0E6\n\nHP\n 12508 Switch Chassis\n JF431B\n\nHP\n A12508 Switch Chassis\n\nH3C\n S12508 (AC-1) Routing Switch\n 0235A0GE\n\nHP\n 12508 Switch Chassis\n JF431C\n\nHP\n 12518 DC Switch Chassis\n JC653A\n\nHP\n 12518 DC Switch Chassis\n JC653A\n\nHP\n 12518 Switch Chassis\n JC085A\n\nHP\n A12518 Switch Chassis\n\nH3C\n S12518 Chassis\n 0235A38M\n\nHP\n 12518 Switch Chassis\n JF430A\n\nHP\n A12518 Switch Chassis\n\nH3C\n S12518 Chassis\n 0235A0E7\n\nHP\n 12518 Switch Chassis\n JF430B\n\nHP\n A12518 Switch Chassis\n\nH3C\n S12518 (AC-1) Routing Switch\n 0235A0GF\n\nHP\n 12518 Switch Chassis\n JF430C\n\nHP\n 1910-16G Switch\n JE005A\n\n3Com\n Baseline Plus 2900G Switch - 20 port\n 3CRBSG2093\n\nHP\n 1910-24G Switch\n JE006A\n\n3Com\n Baseline Plus 2900G Switch - 28 port\n 3CRBSG2893\n\nHP\n 1910-24G-PoE (365W) Switch\n JE007A\n\n3Com\n Baseline Plus 2900G Switch - 28HPWR\n 3CRBSG28HPWR93\n\nHP\n 1910-24G-PoE (170W) Switch\n JE008A\n\nHP\n V1910-24G-PoE (170W) Switch\n\n3Com\n Baseline Plus 2900G Switch - 28PWR\n 3CRBSG28PWR93\n\nHP\n 1910-48G Switch\n JE009A\n\n3Com\n Baseline Plus 2900 Switch Gigabit Family - 52 port\n 3CRBSG5293\n\nHP\n 1910-8G Switch\n JG348A\n\nHP\n 1910-8G-PoE+ (180W) Switch\n JG350A\n\nHP\n 1910-8G-PoE+ (65W) Switch\n JG349A\n\nHP\n 200-CS UTM Appliance\n JD268A\n\nH3C\n SecPath U200-CS\n 0235A0CT\n\nHP\n 200-M UTM Appliance\n JD274A\n\nHP\n 3000-10G-PoE+ Wireless Switch\n JD450A\n\nHP\n A3000-10G-PoE+ Wireless Switch\n\nH3C\n WX3010,8 PoEPlus\n 0235A37U\n\nHP\n 3000-24G-PoE+ Wireless Switch\n JD449A\n\nHP\n A3000-24G-PoE+ Wireless Switch\n\nH3C\n WX3024,4SFPCombo Plus Slot Plus PoEPlus\n 0235A37T\n\nHP\n 3000-8G-PoE+ Wireless Switch\n JD444A\n\nH3C\n WX3008, 4 POE Plus\n 0235A0AS\n\nHP\n 3012 Router\n JD916A\n\n3Com\n 3012 Router\n 3C13612\n\nHP\n 3013 Router\n JD917A\n\n3Com\n 3013 Router\n 3C13613\n\nHP\n 3016 Router\n JD918A\n\n3Com\n 3016 Router\n 3C13616\n\nHP\n 3036 Router\n JD921A\n\n3Com\n 3036 Router\n 3C13636\n\nHP\n 3040 Router\n JD922A\n\n3Com\n 3040 Router\n 3C13640\n\nHP\n 3041 Router\n JD923A\n\n3Com\n 3041 Router\n 3C13641\n\nHP\n 3100-16 DC EI Switch\n JD314A\n\nHP\n A3100-16 DC EI Switch\n\nH3C\n S3100-16TP-EI - model LS-3100-16TP-EI-H3-D-O\n 0235A23H\n\nHP\n 3100-16 EI Switch\n JD319A\n\nH3C\n S3100-16TP-EI - model LS-3100-16TP-EI-H3-A-O\n 0235A300\n\nHP\n 3100-16 SI Switch\n JD305A\n\nH3C\n S3100-16T-SI - model LS-S3100-16T-SI-AC-OVS\n 0235A15C\n\nHP\n 3100-16 v2 EI Switch\n JD319B\n\nHP\n 3100-16 v2 SI Switch\n JG222A\n\nHP\n 3100-16-PoE EI Switch\n JD312A\n\nH3C\n S3100-16TP-PWR-EI - model LS-3100-16TP-PWR-EI-H3\n 0235A19C\n\nHP\n 3100-24 DC EI Switch\n JD315A\n\nHP\n A3100-24 DC EI Switch\n\nH3C\n S3100-26TP-EI - model LS-3100-26TP-EI-H3-D-O\n 0235A23P\n\nHP\n 3100-24 EI Switch\n JD320A\n\nHP\n A3100-24 EI Switch\n\nH3C\n S3100-26TP-EI - model LS-3100-26TP-EI-H3-A-O\n 0235A301\n\nHP\n 3100-24 SI Switch\n JD306A\n\nHP\n A3100-24 SI Switch\n\nH3C\n S3100-26T-SI - model LS-S3100-26T-SI-AC-OVS\n 0235A15D\n\nHP\n 3100-24 v2 EI Switch\n JD320B\n\nHP\n 3100-24 v2 SI Switch\n JG223A\n\nHP\n 3100-24-PoE EI Switch\n JD313A\n\nHP\n A3100-24-PoE EI Switch\n\nH3C\n S3100-26TP-PWR-EI - model LS-3100-26TP-PWR-EI-H3\n 0235A19D\n\nHP\n 3100-24-PoE v2 EI Switch\n JD313B\n\nHP\n 3100-48 Switch\n JD317A\n\nH3C\n S3100-52P - model LS-3100-52P-OVS-H3\n 0235A248\n\nHP\n 3100-48 v2 Switch\n JG315A\n\nHP\n 3100-8 DC EI Switch\n JD316A\n\nH3C\n S3100-8TP-EI - model LS-3100-8TP-EI-H3-D-O\n 0235A23T\n\nHP\n 3100-8 EI Switch\n JD318A\n\nH3C\n S3100-8TP-EI - model LS-3100-8TP-EI-H3-A-O\n 0235A29Y\n\nHP\n 3100-8 SI Switch\n JD304A\n\nHP\n A3100-8 SI Switch\n\nH3C\n S3100-8T-SI - model LS-S3100-8T-SI-AC-OVS\n 0235A15B\n\nHP\n 3100-8 SI Switch\n JD307A\n\nH3C\n S3100-8C-SI - model LS-S3100-8C-SI-AC-OVS\n 0235A15F\n\nHP\n 3100-8 v2 EI Switch\n JD318B\n\nHP\n 3100-8 v2 SI Switch\n JG221A\n\nHP\n 3100-8-PoE EI Switch\n JD311A\n\nH3C\n S3100-8TP-PWR-EI - model LS-3100-8TP-PWR-EI-H3\n 0235A19B\n\nHP\n 3600-24 EI Switch\n JD331A\n\nHP\n A3600-24 EI Switch\n\nH3C\n S3600-28P-EI - model LS-3600-28P-EI-OVS\n 0235A10H\n\nHP\n 3600-24 SI Switch\n JD330A\n\nHP\n A3600-24 SI Switch\n\nH3C\n S3600-28P-SI - model LS-3600-28P-SI-OVS\n 0235A10G\n\nHP\n 3600-24 v2 EI Switch\n JG299A\n\nHP\n 3600-24 v2 SI Switch\n JG304A\n\nHP\n 3600-24-PoE EI Switch\n JD326A\n\nHP\n A3600-24-PoE EI Switch\n\nH3C\n S3600-28P-PWR-EI - model LS-3600-28P-PWR-EI-OVS\n 0235A10C\n\nHP\n 3600-24-PoE SI Switch\n JD325A\n\nHP\n A3600-24-PoE SI Switch\n\nH3C\n S3600-28P-PWR-SI - model LS-3600-28P-PWR-SI-OVS\n 0235A10B\n\nHP\n 3600-24-PoE+ v2 EI Switch\n JG301A\n\nHP\n 3600-24-SFP EI Switch\n JD334A\n\nHP\n A3600-24-SFP EI Switch\n\nH3C\n S3600-28F-EI - model LS-3600-28F-EI-OVS\n 0235A10L\n\nHP\n 3600-24-SFP v2 EI Switch\n JG303A\n\nHP\n 3600-24TP SI Switch\n JD329A\n\nHP\n A3600-24TP SI Switch\n\nH3C\n S3600-28TP-SI - model LS-3600-28TP-SI-OVS\n 0235A10F\n\nHP\n 3600-48 EI Switch\n JD333A\n\nHP\n A3600-48 EI Switch\n\nH3C\n S3600-52P-EI - model LS-3600-52P-EI-OVS\n 0235A10K\n\nHP\n 3600-48 SI Switch\n JD332A\n\nH3C\n S3600-52P-SI - model LS-3600-52P-SI-OVS\n 0235A10J\n\nHP\n 3600-48 v2 EI Switch\n JG300A\n\nHP\n 3600-48 v2 SI Switch\n JG305A\n\nHP\n 3600-48-PoE EI Switch\n JD328A\n\nHP\n A3600-48-PoE EI Switch\n\nH3C\n S3600-52P-PWR-EI - model LS-3600-52P-PWR-EI-OVS\n 0235A10E\n\nHP\n 3600-48-PoE SI Switch\n JD327A\n\nHP\n A3600-48-PoE SI Switch\n\nH3C\n S3600-52P-PWR-SI - model LS-3600-52P-PWR-SI-OVS\n 0235A10D\n\nHP\n 3600-48-PoE+ v2 EI Switch\n JG302A\n\nHP\n 3600-48-PoE+ v2 SI Switch\n JG307A\n\nHP\n 3610-24-2G-2G-SFP Switch\n JD337A\n\nHP\n A3610-24-2G-SFP Switch\n\nH3C\n S3610-28TP - model LS-3610-28TP-OVS\n 0235A22E\n\nHP\n 3610-24-4G-SFP Switch\n JD336A\n\nHP\n A3610-24-4G Switch\n\nH3C\n S3610-28P - model LS-3610-28P-OVS\n 0235A22D\n\nHP\n 3610-24-SFP Switch\n JD338A\n\nHP\n A3610-24-SFP Switch\n\nH3C\n S3610-28F - model LS-3610-28F-OVS\n 0235A22F\n\nHP\n 3610-48 Switch\n JD335A\n\nHP\n A3610-48 Switch\n\nH3C\n S3610-52P - model LS-3610-52P-OVS\n 0235A22C\n\nHP\n 4200-12G Switch\n JE015A\n\nHP\n E4200-12G Switch\n\n3Com\n 4200G Switch 12-Port\n 3CR17660-91\n\nHP\n 4210-16 Switch\n JE024A\n\nHP\n E4210-16 Switch\n\n3Com\n 4210 Switch 18-Port\n 3CR17332-91\n\nHP\n 4210-16 Switch\n JE025A\n\n3Com\n SWITCH 4210 18-Port\n 3CR17332A-91\n\nHP\n 4210-24 Switch\n JE026A\n\n3Com\n 4210 Switch 26-Port\n 3CR17333-91\n\nHP\n 4210-24 Switch\n JF427A\n\nHP\n E4210-24 Switch\n\n3Com\n 4210 Switch 26-Port\n 3CR17333A-91\n\nHP\n 4210-24G Switch\n JF844A\n\nHP\n E4210-24G Switch\n\n3Com\n 4210-24G Switch\n 3CRS42G-24-91\n\nHP\n 4210-24G-PoE Switch\n JF846A\n\nHP\n E4210-24G-PoE Switch\n\n3Com\n Switch E4210-24G-PoE\n 3CRS42G-24P-91\n\nHP\n 4210-24-PoE Switch\n JE032A\n\n3Com\n 4210 Switch PWR 26-Port\n 3CR17343-91\n\nHP\n 4210-24-PoE Switch\n JE033A\n\n3Com\n 4210 PWR Switch 26-Port\n 3CR17343A-91\n\nHP\n 4210-48 Switch\n JE027A\n\n3Com\n 4210 Switch 52-Port\n 3CR17334-91\n\nHP\n 4210-48G Switch\n JF845A\n\nHP\n E4210-48G Switch\n\n3Com\n 4210-48G Switch\n 3CRS42G-48-91\n\nHP\n 4210-8 Switch\n JE021A\n\n3Com\n 4210 Switch 9-Port\n 3CR17331-91\n\nHP\n 4210-8 Switch\n JE022A\n\n3Com\n 4210 Switch 9-Port\n 3CR17331A-91\n\nHP\n 4210-8-PoE Switch\n JE028A\n\n3Com\n 4210 PWR Switch 9-Port\n 3CR17341-91\n\nHP\n 4210-8-PoE Switch\n JE029A\n\n3Com\n 4210 PWR Switch 9-Port\n 3CR17341A-91\n\nHP\n 4500-24 Switch\n JE045A\n\n3Com\n 4500 Switch 26-Port\n 3CR17561-91\n\nHP\n 4500-24G-PoE Switch\n JE061A\n\n3Com\n 4500G PWR Switch 24-Port\n 3CR17771-91\n\nHP\n 4500-24-PoE Switch\n JE047A\n\n3Com\n 4500 PWR Switch 26-Port\n 3CR17571-91\n\nHP\n 4500-48 Switch\n JE046A\n\n3Com\n 4500 Switch 50-Port\n 3CR17562-91\n\nHP\n 4500-48G-PoE Switch\n JE063A\n\nHP\n E4500-48G-PoE Switch\n\n3Com\n 4500G PWR Switch 48-Port\n 3CR17772-91\n\nHP\n 4500-48-PoE Switch\n JE048A\n\n3Com\n 4500 PWR Switch 50-Port\n 3CR17572-91\n\nHP\n 4510-24G Switch\n JF847A\n\nHP\n E4510-24G Switch\n\n3Com\n Switch E4510-24G\n 3CRS45G-24-91\n\nHP\n 4510-48G Switch\n JF428A\n\nHP\n E4510-48G Switch\n\n3Com\n 4510G Switch 48 Port\n 3CRS45G-48-91\n\nHP\n 4800-24G Switch\n JD007A\n\n3Com\n 4800G Switch 24-Port\n 3CRS48G-24-91\n\nHP\n 4800-24G-PoE Switch\n JD008A\n\n3Com\n 4800G PWR Switch 24-Port\n 3CRS48G-24P-91\n\nHP\n 4800-24G-SFP Switch\n JD009A\n\nHP\n E4800-24G-SFP Switch\n\n3Com\n 4800G Switch 24-Port SFP\n 3CRS48G-24S-91\n\nHP\n 4800-48G Switch\n JD010A\n\n3Com\n 4800G Switch 48-Port\n 3CRS48G-48-91\n\nHP\n 4800-48G-PoE Switch\n JD011A\n\n3Com\n 4800G PWR Switch 48-Port\n 3CRS48G-48P-91\n\nHP\n 5012 Router\n JD935A\n\n3Com\n 5012 Router\n 3C13701\n\nHP\n 5120-16G SI Switch\n JE073A\n\nH3C\n S5120-20P-SI L2, 16GE Plus 4SFP\n 0235A42B\n\nHP\n 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n JG245A\n\nHP\n 5120-24G SI Switch\n JE074A\n\nH3C\n S5120-28P-SI 24GE Plus 4 SFP\n 0235A42D\n\nHP\n 5120-24G-PoE+ (170W) SI Switch\n JG092A\n\nH3C\n S5120-28P-PWR-SI\n 0235A0E3\n\nHP\n 5120-24G-PoE+ (370W) SI Switch\n JG091A\n\nH3C\n S5120-28P-HPWR-SI\n 0235A0E5\n\nHP\n 5120-24G-PoE+ EI Switch with 2 Interface Slots\n JG236A\n\nHP\n 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n JG247A\n\nHP\n 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n JG246A\n\nHP\n 5120-48G SI Switch\n JE072A\n\nHP\n A5120-48G SI Switch\n\nH3C\n S5120-52P-SI 48GE Plus 4 SFP\n 0235A41W\n\nHP\n 5120-48G-PoE+ EI Switch with 2 Interface Slots\n JG237A\n\nHP\n 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n JG248A\n\nHP\n 5232 Router\n JD943A\n\n3Com\n 5232 Router\n 3C13751\n\nHP\n 5500-24G DC EI Switch\n JD373A\n\nH3C\n S5500-28C-EI-DC,Ethernet Switch\n 0235A24S\n\nHP\n 5500-24G EI Switch\n JD377A\n\nH3C\n S5500-28C-EI,Ethernet Switch\n 0235A253\n\nHP\n 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n JG250A\n\nHP\n 5500-24G SI Switch\n JD369A\n\nH3C\n S5500-28C-SI,Ethernet Switch\n 0235A04U\n\nHP\n 5500-24G-4SFP HI Switch with 2 Interface Slots\n JG311A\n\nHP\n 5500-24G-PoE EI Switch\n JD378A\n\nH3C\n S5500-28C-PWR-EI,Ethernet Switch\n 0235A255\n\nHP\n 5500-24G-PoE SI Switch\n JD371A\n\nH3C\n S5500-28C-PWR-SI,Ethernet Switch\n 0235A05H\n\nHP\n 5500-24G-PoE+ EI Switch with 2 Interface Slots\n JG241A\n\nHP\n 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots\n JG252A\n\nHP\n 5500-24G-PoE+ SI Switch with 2 Interface Slots\n JG238A\n\nHP\n 5500-24G-SFP DC EI Switch\n JD379A\n\nH3C\n S5500-28F-EI,Eth Swtch,DC Single Pwr\n 0235A259\n\nHP\n 5500-24G-SFP EI Switch\n JD374A\n\nH3C\n S5500-28F-EI,Eth Switch,AC Single\n 0235A24U\n\nHP\n 5500-24G-SFP EI TAA-compliant Switch with 2 Interface Slots\n JG249A\n\nHP\n 5500-48G EI Switch\n JD375A\n\nH3C\n S5500-52C-EI,Ethernet Switch\n 0235A24X\n\nHP\n 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n JG251A\n\nHP\n 5500-48G SI Switch\n JD370A\n\nH3C\n S5500-52C-SI,Ethernet Switch\n 0235A04V\n\nHP\n 5500-48G-4SFP HI Switch with 2 Interface Slots\n JG312A\n\nHP\n 5500-48G-PoE EI Switch\n JD376A\n\nH3C\n S5500-52C-PWR-EI,Ethernet Switch\n 0235A251\n\nHP\n 5500-48G-PoE SI Switch\n JD372A\n\nH3C\n S5500-52C-PWR-SI,Ethernet Switch\n 0235A05J\n\nHP\n 5500-48G-PoE+ EI Switch with 2 Interface Slots\n JG240A\n\nHP\n 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots\n JG253A\n\nHP\n 5500-48G-PoE+ SI Switch with 2 Interface Slots\n JG239A\n\nHP\n 5500G-24 EI 10/100/1000 No Power Supply Unit Switch\n JF551A\n\n3Com\n SS4 5500G-EI Switch 24PT (NO PSU)\n 3CR17254-91\n\nHP\n 5500G-24 EI SFP No Power Supply Unit Switch\n JF553A\n\n3Com\n SS4 5500G-EI 24 Port,SFP (NO PSU)\n 3CR17259-91\n\nHP\n 5500G-48 EI 10/100/1000 No Power Supply Unit Switch\n JF552A\n\n3Com\n SS4 5500G-EI Switch 48PT (NO PSU)\n 3CR17255-91\n\nHP\n 5682 Router\n JD946A\n\n3Com\n 5682 Router\n 3C13759\n\nHP\n 5800-24G Switch\n JC100A\n\nH3C\n S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n 0235A36U\n\nHP\n 5800-24G TAA-compliant Switch\n JG255A\n\nHP\n 5800-24G-PoE Switch\n JC099A\n\nH3C\n S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP\nPlus ) Plus 1 media module, PoE\n 0235A36S\n\nHP\n 5800-24G-PoE+ TAA-compliant Switch\n JG254A\n\nHP\n 5800-24G-SFP Switch\n JC103A\n\nH3C\n S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power)\n 0235A374\n\nHP\n 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n JG256A\n\nHP\n 5800-48G Switch\n JC105A\n\nH3C\n S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus )\nPlus media module\n 0235A379\n\nHP\n 5800-48G Switch with 2 Slots\n JC101A\n\nH3C\n S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n 0235A36W\n\nHP\n 5800-48G TAA-compliant Switch with 1 Interface Slot\n JG258A\n\nHP\n 5800-48G-PoE Switch\n JC104A\n\nH3C\n S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n 0235A378\n\nHP\n 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n JG257A\n\nHP\n 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n JG242A\n\nHP\n 5800AF-48G Switch\n JG225A\n\nHP\n 5810-48G Switch\n JF242A\n\nHP\n A5810-48G with 2 SFP+ slots AC Switch\n\nH3C\n S5810 48-BT, 2 SFP Plus , AC\n 0235A42H\n\nHP\n 5820 VPN Firewall Module\n JD255A\n\nHP\n A5820 VPN Firewall Module\n\nH3C\n S5820 SecBlade VPN Firewall Module\n LSWM1FW10, 0231A94J\n\nHP\n 5830 CTO Built Switch\n JG478A\n\nHP\n 5830AF-48G Switch with 1 Interface Slot\n JC691A\n\nHP\n 5830AF-96G Switch\n JC694A\n\nHP\n 6600 Firewall Processing Router Module\n JD250A\n\nHP\n A6600 Firewall Processing Module\n\nH3C\n SR66 Gigabit Firewall Module\n 0231A88A\n\nHP\n 6600 RPE-X1 Router Module\n JC165A\n\nHP\n A6600 RPE-X1 Main Processing Unit\n\nH3C\n RT-SR66-RPE-X1-H3\n RPE-X1, 0231A761\n\nHP\n 6600 RSE-X1 Router Main Processing Unit\n JC566A\n\nHP\n 6602 Router Chassis\n JC176A\n\nHP\n A6602 Router\n\nH3C\n SR6602 1U Router Host\n 0235A27D\n\nHP\n 6604 Router Chassis\n JC178A\n\nHP\n A6604 Router Chassis\n\nH3C\n RT-SR6604-OVS-H3\n 0235A37X\n\nHP\n 6604 Router Chassis\n JC178B\n\nHP\n 6608 Router\n JC177A\n\nHP\n A6608 Router\n\nH3C\n RT-SR6608-OVS-H3\n 0235A32X\n\nHP\n 6608 Router Chassis\n JC177B\n\nHP\n 6616 Router Chassis\n JC496A\n\nHP\n A6616 Router Chassis\n\nH3C\n SR6616 Router Chassis\n 0235A41D\n\nHP\n 7500 384Gbps Fabric Module\n JD194A\n\nHP\n A7500 384Gbps Fabric/Main Processing Unit\n\nH3C\n S7500E 384 Gbps Fabric\n 0231A73K\n\nHP\n 7500 384Gbps Fabric Module with 2 XFP Ports\n JD193A\n\nHP\n A7500 384Gbps Fabric/Main Processing Unit with 2 10GbE XFP Ports\n\nH3C\n S7500E 384 Gbps Fabric w/ 2-port 10GBASE-X (XFP)\n 0231A73J\n\nHP\n 7500 384Gbps Fabric Module with 2 XFP Ports\n JD193B\n\nHP\n A7500 384Gbps Fabric/Main Processing Unit with 2 10GbE XFP Ports\n\nH3C\n S7500E Salience VI-10G Switch and Route Processing Unit,with 2 XFP\nInterfaces\n LSQ1SRP2XB0, 0231A0KW\n\nHP\n 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n JC700A\n\nHP\n 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports\n JC699A\n\nHP\n 7500 768Gbps Fabric Module\n JD220A\n\nHP\n A7510 768Gbps Fabric/Main Processing Unit\n\nH3C\n S7510E 768 Gbps Fabric\n LSQ1SRPD0, 0231A86P\n\nHP\n 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n JC701A\n\nHP\n A7510 768Gbps TAA-compliant Fabric/Main Processing Unit\n\nHP\n 7502 Switch Chassis\n JD242A\n\nHP\n A7502 Switch Chassis\n\nH3C\n S7502E Chassis w/ fans\n 0235A29A\n\nHP\n 7502 Switch Chassis\n JD242B\n\nH3C\n S7502E Ethernet Switch Chassis with Fan\n 0235A0G4\n\nHP\n 7502 TAA-compliant Main Processing Unit\n JC697A\n\nHP\n A7502 TAA-compliant Main Processing Unit\n\nHP\n 7503 Switch Chassis\n JD240A\n\nHP\n A7503 Switch Chassis\n\nH3C\n S7503E Chassis w/ fans\n 0235A27R\n\nHP\n 7503 Switch Chassis\n JD240B\n\nHP\n A7503 Switch Chassis\n\nH3C\n S7503E Ethernet Switch Chassis with Fan\n 0235A0G2\n\nHP\n 7503 Switch Chassis with 1 Fabric Slot\n JD243A\n\nHP\n A7503-S Switch Chassis\n\nH3C\n S7503E-S Chassis w/ fans\n 0235A33R\n\nHP\n 7503 Switch Chassis with 1 Fabric Slot\n JD243B\n\nH3C\n S7503E-S Ethernet Switch Chassis with Fan\n 0235A0G5\n\nHP\n 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo\n JC666A\n\nHP\n 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports\n JC698A\n\nHP\n 7506 Switch Chassis\n JD239A\n\nHP\n A7506 Switch Chassis H3C S7506E Chassis w/ fans\n 0235A27Q\n\nHP\n 7506 Switch Chassis\n JD239B\n\nHP\n A7506 Switch Chassis\n\nH3C\n S7506E Ethernet Switch Chassis with Fan\n 0235A0G1\n\nHP\n 7506 Vertical Switch Chassis\n JD241A\n\nHP\n A7506-V Switch Chassis\n\nH3C\n S7506E-V Chassis w/ fans\n 0235A27S\n\nHP\n 7506 Vertical Switch Chassis\n JD241B\n\nHP\n A7506-V Switch Chassis\n\nH3C\n S7506E-V Ethernet Switch Chassis with Fan\n 0235A0G3\n\nHP\n 7510 Switch Chassis\n JD238A\n\nHP\n A7510 Switch Chassis\n\nH3C\n S7510E Chassis w/ fans\n 0235A25N\n\nHP\n 7510 Switch Chassis\n JD238B\n\nHP\n A7510 Switch Chassis\n\nH3C\n S7510E Ethernet Switch Chassis with Fan\n 0235A0G0\n\nHP\n 8800 Firewall Processing Module\n JD251A\n\nH3C\n SR88 Firewall Processing Module\n 0231A88L\n\nHP\n 8802 Router Chassis\n JC147A\n\nHP\n A8802 Router Chassis\n\nH3C\n SR8802 10G Core Router Chassis\n 0235A31B\n\nHP\n 8802 Router Chassis\n JC147B\n\nHP\n A8802 Router Chassis\n\nH3C\n SR8802 10G Core Router Chassis\n 0235A0GC\n\nHP\n 8805 Router Chassis\n JC148A\n\nHP\n A8805 Router Chassis\n\nH3C\n SR8805 10G Core Router Chassis\n 0235A31C\n\nHP\n 8805 Router Chassis\n JC148B\n\nHP\n A8805 Router Chassis\n\nH3C\n SR8805 10G Core Router Chassis\n 0235A0G8\n\nHP\n 8807 7-slot Chassis Kit\n JE203A\n\n3Com\n 8807 Switch 7-slot Chassis Kit\n 3C17543\n\nHP\n 8807 Kit (TAA) Switch\n JE204A\n\n3Com\n SW8807 Kit TAA\n 3C17543TAA\n\nHP\n 8808 Router Chassis\n JC149A\n\nHP\n A8808 Router Chassis\n\nH3C\n SR8808 10G Core Router Chassis\n 0235A31D\n\nHP\n 8808 Router Chassis\n JC149B\n\nHP\n A8808 Router Chassis\n\nH3C\n SR8808 10G Core Router Chassis\n 0235A0G9\n\nHP\n 8810 10-slot AC (TAA) Chassis Kit\n JE201A\n\n3Com\n SW8810 AC Chassis Kit TAA\n 3C17541TAA\n\nHP\n 8810 10-slot Chassis Kit\n JE200A\n\n3Com\n 8810 Switch 10-slot Chassis Kit\n 3C17541\n\nHP\n 8812 Router Chassis\n JC150A\n\nHP\n A8812 Router Chassis\n\nH3C\n SR8812 10G Core Router Chassis\n 0235A31E\n\nHP\n 8812 Router Chassis\n JC150B\n\nHP\n A8812 Router Chassis\n\nH3C\n SR8812 10G Core Router Chassis\n 0235A0GA\n\nHP\n 8814 14-slot AC (TAA) Chassis Kit\n JE199A\n\n3Com\n SW8814 AC Chassis Kit TAA\n 3C17540TAA\n\nHP\n 8814 14-slot Chassis Kit\n JE198A\n\n3Com\n 8814 Switch 14-slot Chassis Kit\n 3C17540\n\nHP\n 9500 VPN Firewall Module\n JD245A\n\nH3C\n S9500E SecBlade VPN Firewall Module\n LSR1FW2A1, 0231A0AV\n\nHP\n 9505 Switch Chassis\n JC124B\n\nHP\n A9505 Switch Chassis\n\nH3C\n S9505E Routing-Switch Chassis\n 0235A0G6\n\nHP\n 9508-V Switch Chassis\n JC474A\n\nH3C\n S9508E-V Routing-Switch Chassis\n 0235A38Q\n\nHP\n 9508-V Switch Chassis\n JC474B\n\nH3C\n S9508E-V Routing-Switch Chassis\n 0235A38Q\n\nHP\n 9512 Switch Chassis\n JC125A\n\nHP\n A9512 Switch Chassis\n\nH3C\n S9512E Chassis w/ Fans\n 0235A38R\n\nHP\n 9512 Switch Chassis\n JC125B\n\nHP\n A9512 Switch Chassis\n\nH3C\n S9512E Routing-Switch Chassis\n 0235A0G7\n\nHP\n A3100 (LS6MCFL1UB) Ethernet Switch\n JE545A\n\nH3C\n S3100 Ethernet Switch,LS6MCFL1UB,Sin\n 0231A65T\n\nHP\n A3100-16 DC SI 2-slot Switch\n JD302A\n\nH3C\n S3100-16C-SI - model LS-S3100-16C-SI-DC-OVS\n 0235A14V\n\nHP\n A3100-16 SI with 2 External Slots Switch\n JD308A\n\nH3C\n S3100-16C-SI - model LS-S3100-16C-SI-AC-OVS\n 0235A15G\n\nHP\n A3100-24 DC SI 2-slot Switch\n JD303A\n\nH3C\n S3100-26C-SI - model LS-S3100-26C-SI-DC-OVS\n 0235A14W\n\nHP\n A3100-24 SI 2-slot Switch\n JD309A\n\nH3C\n S3100-26C-SI - model LS-S3100-26C-SI-AC-OVS\n 0235A15H\n\nHP\n A3100-26C-EPON-EI Switch\n JG059A\n\nHP\n A3100-8 SI 1-slot Switch\n JD310A\n\nH3C\n S3100-8C-SI - model LS-S3100-8C-SI-DC-OVS\n 0235A15J\n\nHP\n A5100-16G EI Switch\n JD351A\n\nH3C\n S5100-16P-EI - model LS-5100-16P-EI-OVS-H3\n 0235A21Q\n\nHP\n A5100-16G SI Switch\n JD356A\n\nH3C\n S5100-16P-SI - model LS-5100-16P-SI-OVS-H3\n 0235A22R\n\nHP\n A5100-16G-PoE EI Switch\n JD353A\n\nH3C\n S5100-16P-PWR-EI - model LS-5100-16P-PWR-EI-OVS\n 0235A22K\n\nHP\n A5100-24G EI Switch\n JD346A\n\nH3C\n S5100-24P-EI - model LS-5100-24P-EI-OVS\n 0235A08K\n\nHP\n A5100-24G EI Switch with SFP Uplink\n JD344A\n\nH3C\n S5100-26C-EI - model LS-5100-26C-EI-OVS\n 0235A08F\n\nHP\n A5100-24G SI Switch\n JD348A\n\nH3C\n S5100-24P-SI - model LS-5100-24P-SI-OVS-H3\n 0235A20Q\n\nHP\n A5100-24G-PoE EI Switch\n JD354A\n\nH3C\n S5100-26C-PWR-EI - model LS-5100-26C-PWR-EI-OVS\n 0235A22M\n\nHP\n A5100-48G EI Switch\n JD347A\n\nH3C\n S5100-48P-EI - model LS-5100-48P-EI-OVS\n 0235A08M\n\nHP\n A5100-48G EI Switch with SFP Uplink\n JD345A\n\nH3C\n S5100-50C-EI - model LS-5100-50C-EI-OVS\n 0235A08H\n\nHP\n A5100-48G SI Switch\n JD349A\n\nH3C\n S5100-48P-SI - model LS-5100-48P-SI-OVS-H3\n 0235A20R\n\nHP\n A5100-48G-PoE EI Switch\n JD355A\n\nH3C\n S5100-50C-PWR-EI - model LS-5100-50C-PWR-EI-OVS\n 0235A22P\n\nHP\n A5100-8G EI Switch\n JD350A\n\nH3C\n S5100-8P-EI - model LS-5100-8P-EI-OVS-H3\n 0235A21P\n\nHP\n A5100-8G SI Switch\n JD357A\n\nH3C\n S5100-8P-SI - model LS-5100-8P-SI-OVS-H3\n 0235A22T\n\nHP\n A5100-8G-PoE EI Switch\n JD352A\n\nH3C\n S5100-8P-PWR-EI - model LS-5100-8P-PWR-EI-OVS\n 0235A22H\n\nHP\n A5120-24G EI Switch\n JE066A\n\nH3C\n S5120-24P-EI 24GE Plus 4ComboSFP\n 0235A0BQ\n\nHP\n A5120-24G EI Switch with 2 Interface Slots\n JE068A\n\nH3C\n S5120-28C-EI 24GE Plus 4Combo Plus 2Slt\n 0235A0BS\n\nHP\n A5120-24G-PoE EI 2-slot Switch\n JE070A\n\nH3C\n S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE\n 0235A0BU\n\nHP\n A5120-48G EI Switch\n JE067A\n\nH3C\n S5120-48P-EI 48GE Plus 4ComboSFP\n 0235A0BR\n\nHP\n A5120-48G EI Switch with 2 Interface Slots\n JE069A\n\nH3C\n S5120-52C-EI 48GE Plus 4Combo Plus 2Slt\n 0235A0BT\n\nHP\n A5120-48G-PoE EI 2-slot Switch\n JE071A\n\nH3C\n S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE\n 0235A0BV\n\nHP\n A6604 Router Bundle with RPE-X1 Modules and Power Supply\n JE528A\n\nH3C\n SR6604 Router Bundle with RPE-X1 and Pow\n 0150A12B\n\nHP\n A6604 Router with 2 RPE-X1 Modules\n JC158A\n\nH3C\n RT-SR6604-OVS Plus 2 RPE-X1 Plus 2 AC-H3\n 0150A12C\n\nHP\n A6608 Router (RT-SR6608-OVS+2 RPE-X1+2 AC-H3) Bundle\n JE527A\n\nH3C\n RT-SR6608-OVS Plus 2 RPE-X1 Plus 2 AC-H3\n 0150A12A\n\nHP\n A6608 Router Bundle with RPE-X1 Modules and Power Supply\n JE526A\n\nH3C\n SR6608 Router Bundle with RPE-X1 and Pow\n 0150A129\n\nHP\n A9508 Switch Chassis\n JC124A\n\nH3C\n S9505E Chassis w/ Fans\n 0235A38P\n\nHP\n A-MSR20-15 A Multi-service Router\n JD670A\n\nH3C\n MSR 20-15 A\n 0235A31Q\n\nHP\n A-MSR20-15 AW Multi-service Router\n JD671A\n\nH3C\n MSR 20-15 A W\n 0235A31R\n\nHP\n A-MSR20-15 I Multi-service Router\n JD672A\n\nH3C\n MSR 20-15 I\n 0235A31N\n\nHP\n A-MSR20-15 IW Multi-service Router\n JD667A\n\nH3C\n MSR 20-15 IW\n 0235A31P\n\nHP\n A-MSR20-21 Router\n JD432A\n\nH3C\n MSR-20-21 Router\n 0235A19J\n\nHP\n A-MSR20-21 Router\n JD663A\n\nH3C\n MSR 20-21\n 0235A325\n\nHP\n A-MSR30-20 Multi-service Router Security Bundle\n JF286A\n\nH3C\n MSR 30-20 Router Host\n RTVZ33020AS, 0235A20S\n\nHP\n A-MSR30-40, RT-MSR3040-AC-OVS-AS-H3 Multi-service Router\n JF232A\n\nH3C\n RT-MSR3040-AC-OVS-AS-H3\n 0235A20V\n\nHP\n AR 18-31E Router\n JD172A\n\nH3C\n AR18-31E Router\n 0235A09T\n\nHP\n E4200-24 SI Switch\n JE013A\n\n3Com\n 4200-SI Switch 28 Port\n 3C17304A\n\nHP\n E4200-24G Switch\n JE016A\n\n3Com\n 4200G Switch 24-Port\n 3CR17661-91\n\nHP\n E4200-24G-PoE Switch\n JE020A\n\n3Com\n 4200G Switch PWR 24-Port\n 3CR17671-91\n\nHP\n E4200-48 SI Switch\n JE012A\n\n3Com\n 4200-SI Switch 50 Port\n 3C17302A\n\nHP\n E4200-48G Switch\n JE018A\n\n3Com\n 4200G Switch 48-Port\n 3CR17662-91\n\nHP\n E4210 8-port (TAA) Switch\n JE023A\n\n3Com\n 4210 Switch 9-Port TAA\n 3CR17331TAA-91\n\nHP\n E4210-16-PoE Switch\n JE031A\n\n3Com\n 4210 Switch PWR 18-Port\n 3CR17342-91\n\nHP\n E4210-8-PoE (TAA) Switch\n JE030A\n\n3Com\n 4210 Switch PWR 9P TAA\n 3CR17341TAA-91\n\nHP\n E4500-24G (TAA) Switch\n JE058A\n\n3Com\n 4500G Switch 24-Port TAA\n 3CR17761TAA-91\n\nHP\n E4500-24G Switch\n JE057A\n\n3Com\n 4500G Switch 24-Port\n 3CR17761-91\n\nHP\n E4500-24G-PoE (TAA) Switch\n JE062A\n\n3Com\n 4500G PWR Switch 24-Port TAA\n 3CR17771TAA-91\n\nHP\n E4500-48G (TAA) Switch\n JE060A\n\n3Com\n 4500G Switch 48-Port TAA\n 3CR17762TAA-91\n\nHP\n E4500-48G Switch\n JE059A\n\n3Com\n 4500G Switch 48-Port\n 3CR17762-91\n\nHP\n E4500-48G-PoE (TAA) Switch\n JE064A\n\n3Com\n 4500G PWR Switch 48-Port TAA\n 3CR17772TAA-91\n\nHP\n E5500-24 EI (TAA) Switch\n JE102A\n\n3Com\n TAA 5500-EI Switch 28-Port\n 3CR17161TAA-91\n\nHP\n E5500-24 SI Switch\n JE099A\n\n3Com\n SS4 5500-SI Switch 28 Port\n 3CR17151-91\n\nHP\n E5500-24 Switch\n JE101A\n\n3Com\n 5500-EI Switch 28-Port\n 3CR17161-91\n\nHP\n E5500-24G (TAA) Switch\n JE089A\n\n3Com\n TAA COMPLIANT 5500G-EI 24-Port\n 3CR17250TAA-91\n\nHP\n E5500-24G Switch\n JE088A\n\n3Com\n 5500G-EI Switch 24 Port\n 3CR17250-91\n\nHP\n E5500-24G-PoE (TAA) Switch\n JE093A\n\n3Com\n TAA COMPLIANT 5500G-EI PWR 24P\n 3CR17252TAA-91\n\nHP\n E5500-24G-PoE Switch\n JE092A\n\n3Com\n 5500G-EI Switch PWR 24-Port\n 3CR17252-91\n\nHP\n E5500-24G-SFP (TAA) Switch\n JE097A\n\n3Com\n TAA COMPLIANT 5500G-EI SFP 24P\n 3CR17258TAA-91\n\nHP\n E5500-24G-SFP Switch\n JE096A\n\n3Com\n 5500G-EI Switch SFP 24-Port\n 3CR17258-91\n\nHP\n E5500-24-PoE EI (TAA) Switch\n JE106A\n\n3Com\n TAA 5500-EI PWR Switch 28-Port\n 3CR17171TAA-91\n\nHP\n E5500-24-PoE Switch\n JE105A\n\n3Com\n 5500-EI PWR Switch 28-Port\n 3CR17171-91\n\nHP\n E5500-24-SFP Switch\n JE109A\n\n3Com\n 5500-EI Switch 28-Port FX\n 3CR17181-91\n\nHP\n E5500-24-SPF EI (TAA) Switch\n JE110A\n\n3Com\n TAA SWITCH 5500-EI 28-Port FX\n 3CR17181TAA-91\n\nHP\n E5500-48 EI (TAA) Switch\n JE104A\n\n3Com\n TAA SWITCH 5500-EI 52-Port\n 3CR17162TAA-91\n\nHP\n E5500-48 SI Switch\n JE100A\n\n3Com\n SS4 SWITCH 5500-SI 52 Port\n 3CR17152-91\n\nHP\n E5500-48 Switch\n JE103A\n\n3Com\n 5500-EI Switch 52-Port\n 3CR17162-91\n\nHP\n E5500-48G (TAA) Switch\n JE091A\n\n3Com\n TAA COMPLIANT 5500G-EI 48-Port\n 3CR17251TAA-91\n\nHP\n E5500-48G Switch\n JE090A\n\n3Com\n 5500G-EI Switch 48-Port\n 3CR17251-91\n\nHP\n E5500-48G-PoE (TAA) Switch\n JE095A\n\n3Com\n TAA COMPLIANT 5500G-EI PWR 48P\n 3CR17253TAA-91\n\nHP\n E5500-48G-PoE Switch\n JE094A\n\n3Com\n 5500G-EI PWR Switch 48-Port\n 3CR17253-91\n\nHP\n E5500-48-PoE EI (TAA) Switch\n JE108A\n\n3Com\n TAA 5500-EI PWR Switch 52-Port\n 3CR17172TAA-91\n\nHP\n E5500-48-PoE Switch\n JE107A\n\n3Com\n 5500-EI PWR Switch 52-Port\n 3CR17172-91\n\nHP\n E7902 Switch Chassis\n JE164A\n\n3Com\n S7902E Chassis Kit w/ fans\n 3CS7902E\n\nHP\n E7903 1 Fabric Slot Switch Chassis\n JE166A\n\n3Com\n S7903E-S Chassis Kit w/ fans\n 3CS7903ES\n\nHP\n E7903 Switch Chassis\n JE165A\n\n3Com\n S7903E Chassis Kit w/ fans\n 3CS7903E\n\nHP\n E7906 Switch Chassis\n JE167A\n\n3Com\n S7906E Chassis Kit w/ fans\n 3CS7906E\n\nHP\n E7906 Vertical Switch Chassis\n JE168A\n\n3Com\n S7906E-V Chassis Kit w/ fans\n 3CS7906EV\n\nHP\n F1000-E VPN Firewall Appliance\n JD272A\n\nH3C\n F1000-E VPN Firewall\n 0235A26G\n\nHP\n F1000-EI VPN Firewall Appliance\n JG214A\n\nHP\n F1000-S-EI VPN Firewall Appliance\n JG213A\n\nHP\n F5000 Firewall Main Processing Unit\n JG215A\n\nHP\n MSR 50-40 Router\n JD655A\n\nH3C\n MSR 50-40 Chassis\n 0235A20N\n\nHP\n MSR20-10 Router\n JD431A\n\nH3C\n MSR 20-10\n 0235A0A7\n\nHP\n MSR20-11 Router\n JD673A\n\nH3C\n MSR 20-11\n 0235A31V\n\nHP\n MSR20-11 Router\n JF239A\n\nH3C\n RT-MSR2011-AC-OVS-H3\n 0235A395\n\nHP\n MSR20-12 Router\n JD674A\n\nH3C\n MSR 20-12\n 0235A32E\n\nHP\n MSR20-12 Router\n JF241A\n\nH3C\n RT-MSR2012-AC-OVS-H3\n 0235A396\n\nHP\n MSR20-12-T Router\n JD676A\n\nH3C\n MSR 20-12 T1\n 0235A32B\n\nHP\n MSR20-12-T Router\n JF806A\n\nH3C\n RT-MSR2012-T-AC-OVS-H3\n 0235A398\n\nHP\n MSR20-12-T-W Router (NA)\n JG209A\n\nHP\n MSR20-12-W Router\n JD675A\n\nH3C\n MSR20-12 W\n 0235A32G\n\nHP\n MSR20-12-W Router\n JF807A\n\nH3C\n RT-MSR2012-AC-OVS-W-H3\n 0235A397\n\nHP\n MSR20-13 Router\n JD668A\n\nH3C\n MSR 20-13\n 0235A31W\n\nHP\n MSR20-13 Router\n JF240A\n\nH3C\n RT-MSR2013-AC-OVS-H3\n 0235A390\n\nHP\n MSR20-13-W Router\n JD669A\n\nH3C\n MSR 20-13 W\n 0235A31X\n\nHP\n MSR20-13-W Router\n JF808A\n\nH3C\n RT-MSR2013-AC-OVS-W-H3\n 0235A391\n\nHP\n MSR20-13-W Router (NA)\n JG210A\n\nHP\n MSR20-15 Router\n JF817A\n\nH3C\n MSR 20-15 Router Host (AC), 1 FE, 4 LSW, 1 ADSLoPOTS, 1 DSIC\n 0235A0A8\n\nHP\n MSR20-15-A Router\n JF237A\n\nH3C\n RT-MSR2015-AC-OVS-A-H3\n 0235A392\n\nHP\n MSR20-15-A-W Router\n JF809A\n\nH3C\n RT-MSR2015-AC-OVS-IW-H3\n 0235A38V\n\nHP\n MSR20-15-I Router\n JF236A\n\nH3C\n RT-MSR2015-AC-OVS-I-H3\n 0235A394\n\nHP\n MSR20-15-I-W Router\n JF238A\n\nH3C\n RT-MSR2015-AC-OVS-AW-H3\n 0235A393\n\nHP\n MSR20-20 Router\n JD662A\n\nHP\n A-MSR20-20 Router\n\nH3C\n MSR 20-20\n 0235A19H\n\nHP\n MSR20-20 Router\n JF283A\n\nH3C\n RT-MSR2020-AC-OVS-H3C\n 0235A324\n\nHP\n MSR20-21 Router\n JD663B\n\nHP\n MSR20-40 Router\n JD664A\n\nH3C\n MSR 20-40\n 0235A19K\n\nHP\n MSR20-40 Router\n JF228A\n\nH3C\n RT-MSR2040-AC-OVS-H3\n 0235A326\n\nHP\n MSR30-10 DC Router\n JG184A\n\nHP\n MSR30-10 Router\n JF816A\n\nH3C\n MSR 30-10 Router Host (AC), 2FE, 2SIC, 1XMIM, 256DDR\n 0235A39H\n\nHP\n MSR30-11 Router\n JF800A\n\nH3C\n RT-MSR3011-AC-OVS-H3\n 0235A29L\n\nHP\n MSR30-11E Router\n JG182A\n\nHP\n MSR30-11F Router\n JG183A\n\nHP\n MSR30-16 PoE Router\n JD659A\n\nH3C\n MSR 30-16 POE\n 0235A238\n\nHP\n MSR30-16 PoE Router\n JF234A\n\nH3C\n RT-MSR3016-AC-POE-OVS-H3\n 0235A321\n\nHP\n MSR30-16 Router\n JD665A\n\nH3C\n MSR 30-16\n 0235A237\n\nHP\n MSR30-16 Router\n JF233A\n\nH3C\n RT-MSR3016-AC-OVS-H3\n 0235A327\n\nHP\n MSR30-16 Router with VCX and 4-port FXO and 2-port FXS Modules\n JD025A\n\nHP\n A-MSR30-16 Router with VCX and 4-port FXO and 2-port FXS Modules\n\n3Com\n MSR 3016 VCX CPM 4FXO/2FXS Bundle\n 3CRBVCXMSR03A\n\nHP\n MSR30-16 Router with VCX Enterprise Branch Communications MIM Module\n JD024A\n\nHP\n A-MSR30-16 Router with VCX Ent MIM Module\n\n3Com\n MSR 3016 VCX Ent MIM Bundle\n 3CRBVCXMSR02A\n\nHP\n MSR30-20 DC Router\n JF235A\n\nH3C\n RT-MSR3020-DC-OVS-H3\n 0235A267\n\nHP\n MSR30-20 PoE Router\n JD660A\n\nH3C\n MSR 30-20 POE\n 0235A239\n\nHP\n MSR30-20 PoE Router\n JF802A\n\nH3C\n RT-MSR3020-AC-POE-OVS-H3\n 0235A322\n\nHP\n MSR30-20 Router\n JD666A\n\nH3C\n MSR 30-20\n 0235A19L\n\nHP\n MSR30-20 Router\n JF284A\n\nH3C\n MSR 30-20 Router\n 0235A328\n\nHP\n MSR30-40 DC Router\n JF287A\n\nH3C\n MSR 30-40 Router Host (DC)\n 0235A268\n\nHP\n MSR30-40 PoE Router\n JD661A\n\nH3C\n MSR 30-40 POE\n 0235A25R\n\nHP\n MSR30-40 PoE Router\n JF803A\n\nH3C\n RT-MSR3040-AC-POE-OVS-H3\n 0235A323\n\nHP\n MSR30-40 Router\n JD657A\n\nH3C\n MSR 30-40\n 0235A20J\n\nHP\n MSR30-40 Router\n JF229A\n\nH3C\n RT-MSR3040-AC-OVS-H\n 0235A299\n\nHP\n MSR30-40 Router with VCX and 8-port BRI and 4-port FXS Modules\n JD027A\n\n3Com\n MSR 3040 VCX CPM 8BRI/4FXS Bundle\n 3CRBVCXMSR06A\n\nHP\n MSR30-40 Router with VCX and 8-port FXO and 4-port FXS Modules\n JD026A\n\n3Com\n MSR 3040 VCX CPM 8FXO/4FXS Bundle\n 3CRBVCXMSR05A\n\nHP\n MSR30-40 Router with VCX and E1 and 4-port BRI and 4-port FXS Modules\n JD029A\n\nHP\n A-MSR30-40 Router with VCX and E1 and 4-port BRI and 4-port FXS Modules\n\n3Com\n MSR 3040 VCX CPM E1/4BRI/4FXS Bundle\n 3CRBVCXMSR08A\n\nHP\n MSR30-40 Router with VCX and T1 and 4-port FX0 and 4-port FXS Modules\n JD028A\n\nHP\n A-MSR30-40 Router with VCX and T1 and 4-port FX0 and 4-port FXS Modules\n\n3Com\n MSR 3040 VCX CPM T1/4FXO/4FXS Bundle\n 3CRBVCXMSR07A\n\nHP\n MSR30-40 Router with VCX MIM Module\n JD023A\n\n3Com\n MSR 3040 VCX Ent MIM Bundle\n 3CRBVCXMSR01A\n\nHP\n MSR30-60 DC Router\n JF801A\n\nH3C\n RT-MSR3060-DC-OVS-H3\n 0235A269\n\nHP\n MSR30-60 PoE Router\n JD654A\n\nH3C\n MSR 30-60 POE\n 0235A25S\n\nHP\n MSR30-60 PoE Router\n JF804A\n\nH3C\n RT-MSR3060-AC-POE-OVS-H3\n 0235A296\n\nHP\n MSR30-60 Router\n JD658A\n\nH3C\n MSR 30-60\n 0235A20K\n\nHP\n MSR30-60 Router\n JF230A\n\nH3C\n RT-MSR3060-AC-OVS-H3\n 0235A320\n\nHP\n MSR50-40 DC Router\n JF285A\n\nHP\n A-MSR50-40 DC Router Chassis\n\nH3C\n MSR5040-DC-OVS-H3C\n 0235A20P\n\nHP\n MSR50-40 Router\n JD433A\n\nH3C\n MSR 50-40 Router\n 0235A297\n\nHP\n MSR50-60 Router\n JD656A\n\nH3C\n MSR 50-60 Chassis\n 0235A20L\n\nHP\n MSR50-60 Router\n JF231A\n\nH3C\n RT-MSR5060-AC-OVS-H3\n 0235A298\n\nHP\n MSR50-60 Router Chassis with DC Power Supply\n JF640A\n\nHP\n MSR900 2-port FE WAN / 4 -port FE LAN Router\n JF812A\n\nH3C\n MSR 900 Router, 2 FE WAN, 4 FE LAN, 256DDR\n 0235A0BX\n\nHP\n MSR900-W Router\n JF814A\n\nH3C\n MSR 900 Router with 802.11b/g, 2 FE WAN, 4 FE LAN, 256DDR, 802.11b\n 0235A0C2\n\nHP\n MSR900-W Router (NA)\n JG207A\n\nHP\n MSR920 2-port FE WAN / 8-port FE LAN / 802.11b/g Router\n JF815A\n\nH3C\n MSR 920 Router with 802.11b/g, 2 FE WAN, 8 FE LAN, 256DDR\n 0235A0C4\n\nHP\n MSR920 Router\n JF813A\n\nH3C\n MSR 920 Router, 2 FE WAN, 8 FE LAN, 256DDR\n 0235A0C0\n\nHP\n MSR920-W Router (NA)\n JG208A\n\nHP\n 6040 Router Chassis\n JD967A\n\n3Com\n 6040 Router Chassis\n 3C13840\n\nHP\n 6080 Router Chassis\n JD972A\n\n3Com\n 6080 Router Chassis 3C13880\n\nHP\n S5600-26C Ethernet Switch\n JD393A\n\nH3C\n S5600-26C Ethernet Switch\n 0235A11F\n\nHP\n S5600-26C-PoE Ethernet Switch\n JD394A\n\nH3C\n S5600-26C-PWR Ethernet Switch\n 0235A11G\n\nHP\n S5600-26F Ethernet Switch\n JD395A\n\nH3C\n S5600-26F Ethernet Switch\n 0235A11H\n\nHP\n S5600-50C Ethernet Switch\n JD391A\n\nH3C\n S5600-50C Ethernet Switch\n 0235A11D\n\nHP\n S5600-50C PoE Ethernet Switch\n JD392A\n\nH3C\n S5600-50C-PWR Ethernet Switch\n 0235A11E\n\nHP\n S9502 (LS-9502-OVS-H3) Routing Switch Chassis\n JE551A\n\nH3C\n LS-9502-OVS-H3\n 0235A21X\n\nHP\n S9505 Routing Switch Chassis\n JC055A\n\nH3C\n S9505 Routing Switch Chassis\n 0235A17A\n\nHP\n S9508 Routing Switch Chassis\n JC054A\n\nH3C\n S9508 Routing Switch Chassis\n 0235A16T\n\nHP\n S9512 Routing Switch Chassis\n JC056A\n\nH3C\n S9512 Routing Switch Chassis\n 0235A17B\n\nHP\n U200-A UTM Appliance\n JD275A\n\nHP\n A-U200-A Unified Threat Management Appliance\n\nH3C\n SecPath U200-A\n 0235A36Q\n\nHP\n U200-S UTM Appliance\n JD273A\n\nHP\n A-U200-S Unified Threat Management Appliance\n\nH3C\n SecPath U200-S\n 0235A36N\n\nHP\n WX5002 Access Controller\n JD447A\n\nH3C\n WX5002 Access Controller\n 0235A34B\n\nHP\n WX5002 Access Controller\n JD447B\n\nHP\n A-WX5002 Access Controller\n\nH3C\n WX5002 Access Controller\n 0235A34B\n\nHP\n WX5002 Access Controller\n JD468A\n\n3Com\n WX 5002 Access Controller\n 3CRUWX500275\n\nHP\n WX5004 Access Controller\n JD448A\n\nHP\n A-WX5004 Access Controller\n\nH3C\n WX5004 Access Controller\n 0235A35J\n\nHP\n WX5004 Access Controller\n JD448B\n\nHP\n A-WX5004 Access Controller\n\nH3C\n WX5004 4-Port 1000BASE-X/1000BASE-T (Combo) Access Controller\n 0235A0GD\n\nHP\n WX5004 Access Controller\n JD469A\n\n3Com\n WX 5004 Access Controller\n 3CRUWX500475\n\nHP\n WX6103 Access Controller Support up to 128 Access Points\n JF247A\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-3268 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nThe Hewlett-Packard Company thanks Kurt Grutzmacher (grutz@jingojango.net)\nand CERT/CC for reporting these vulnerabilities to security-alert@hp.com\n\nRESOLUTION\n\nIf your product is listed as vulnerable, a software update to address this\nissue may be available for download. \n\nUsing a web browser, go to http://www.hp.com/networking/support . \n\nEnter the product number or product description into Auto Search. \n\nSelect the displayed result and click \u0027 Display selected \u0027. \n\nClick Software Downloads from the list of choices provided below. \n\nThere is a section called \u0027 Early Availability \u0027 which will contain software\nthat addresses this issue. The descriptive text of the software should\nindicate SSRT100920 as a further indication that the software addresses this\nissue. There are important considerations about using Early Availability\nsoftware:\n\nEarly Availability software is recommended for use in:\n\nLab testing prior to upgrading a production network\n\nEvaluation of new features prior to general deployment\n\nEvaluation with specific applications prior to wider deployment\n\nPlease evaluate this software thoroughly prior to deployment in a production\nenvironment. \n\nIf your product is listed as vulnerable and software is not available via the\nprocess outlined previously, you may contact HP Networking support directly\nby going to this URL:\nhttps://h10145.www1.hp.com/help/Help_ContactInfo.aspx?cwp=2\u0026SelectedTab=2 and\nclicking on your location to get the technical support telephone number. \nThere are other support options such as Electronic Case submission available. \n\nIf your product is listed as vulnerable and a software update is not yet\navailable, HP is currently working to address these vulnerabilities with a\nnew software update. This Security Bulletin will be revised when the software\nupdate is available. Prior to the update being made available and you have an\nimpacted product, the following mitigations are recommended:\n\nMoving to SNMPv3 with authentication and privacy for all network management\napplications. \n\nUsing SNMPv3s VACM to block access to the H3C-USER-MIB for SNMPv1/v2c users. \n\nHere is an example configuration using the snmp-agent command:\n\nsnmp-agent mib-view include readView iso\nsnmp-agent mib-view exclude readView hh3cUserPassword\nsnmp-agent mib-view include writeView iso\nsnmp-agent mib-view exclude writeView hh3cUserPassword\nsnmp-agent mib-view include notifyView iso\nsnmp-agent group v1 testV1ReadGroup read-view readView\nsnmp-agent usm-user v1 testV1ReadUser testV1ReadGroup\nsnmp-agent group v1 testV1WriteGroup read-view readView write-view writeView\nnotify-view notifyView\nsnmp-agent usm-user v1 testV1WriteUser testV1WriteGroup\nsnmp-agent community read testV1ReadUser mib-view readView\nsnmp-agent community write testV1WriteUser mib-view writeView\nYou may also further control SNMP MIB access using an ACL. \nFor v1/2\nsnmp-agent community write testV1WriteUser mib-view writeView acl\n\u003cacl-number\u003e\nsnmp-agent community read testV1ReadUser mib-view readView acl \u003cacl-number\u003e\nFor v3\nsnmp-agent group v3 testV3Group privacy read-view readView write-view\nwriteView acl \u003cacl-number\u003e\nsnmp-agent usm-user v3 testV3User testV3Group authentication-mode sha\n\u003cauth-passwd\u003e privacy-mode aes128 \u003cpriv-password\u003e\n\nConfigure SNMP community strings with ACLs to limit access to SNMP to just\nnetwork management workstation(s). \n\nHere is an example configuration:\n\n#\nacl number 2001\nrule 1 permit source 192.168.100.0 0.0.0.255\nrule 1 permit source 192.168.100.1 0\nacl number 2002\nrule 1 permit source 192.168.100.1 0\n#\nsnmp-agent community read READONLY acl 2001\nsnmp-agent community write READONLY acl 2002\n#\n\nDisable all local user administrative accounts and use RADIUS or TACACS+\nauthentication instead. \n\nDisable SNMP. \n\nRegarding secure use of switch or router configuration information:\n\nAvoid using plaintext protocols such as TFTP or FTP to transfer configuration\nfiles that contain local user accounts. \n\nControl user privileges on displaying any configuration information or\ndisplaying the content of a configuration file. For example, display\ncurrent-configuration or more \u003cconfiguration file\u003e \u0027. \n\nHISTORY\nVersion:1 (rev.1) - 22 October 2012 Initial release\nVersion:2 (rev.2) - 25 October 2012 Updated product list and the summary\nsection. \n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niEYEARECAAYFAlCJl+QACgkQ4B86/C0qfVl9cgCcDoJkIjTWzBdeJdAdOimzRNg7\nYJgAoPmQ5ycXX07g21tV9nvSaLLvPPE5\n=cmPB\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "BID",
"id": "56183"
},
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "PACKETSTORM",
"id": "117623"
},
{
"db": "PACKETSTORM",
"id": "117625"
},
{
"db": "PACKETSTORM",
"id": "117678"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-56549",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56549"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3268",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#225404",
"trust": 3.3
},
{
"db": "BID",
"id": "56183",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1027694",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-6060",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "117623",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "117678",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "117625",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56549",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "BID",
"id": "56183"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "PACKETSTORM",
"id": "117623"
},
{
"db": "PACKETSTORM",
"id": "117625"
},
{
"db": "PACKETSTORM",
"id": "117678"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"id": "VAR-201302-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "VULHUB",
"id": "VHN-56549"
}
],
"trust": 1.5981997663414633
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6060"
}
]
},
"last_update_date": "2023-12-18T12:58:12.956000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBHF02819 SSRT100920 rev.1 - HP, 3COM, and H3C Routers \u0026 Switches, Remote Disclosure of Information",
"trust": 0.8,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03515685\u0026ac.admitted=1351149896696.876444892.492883150"
},
{
"title": "Huawei-SA-20121025-01 - SNMP vulnerability on Huawei multiple products",
"trust": 0.8,
"url": "http://support.huawei.com/enterprise/newsreadaction.action?newtype=0301\u0026contentid=news1000001165\u0026idabspath=0301_10001\u0026nameabspath=services%2520news"
},
{
"title": "Multiple HP Product Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/24211"
},
{
"title": "HP Repair measures for information disclosure vulnerabilities of various products",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146562"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://grutztopia.jingojango.net/2012/10/hph3c-and-huawei-snmp-weak-access-to.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/225404"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/56183"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0123.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/moro-8zdjdp"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03515685"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1027694"
},
{
"trust": 1.6,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03515685\u0026ac.admitted=1351086123601.876444892.492883150"
},
{
"trust": 1.6,
"url": "http://support.huawei.com/enterprise/newsreadaction.action?newtype=0301\u0026contentid=news1000001165\u0026idabspath=0301_10001\u0026nameabspath=services%2520news"
},
{
"trust": 1.0,
"url": "http://support.huawei.com/support/pages/news/newsinfoaction.do?doc_id=in0000054930\u0026colid=rootenweb%7cco0000000170\u0026actionflag=view"
},
{
"trust": 0.8,
"url": "http://support.huawei.com/enterprise/newsreadaction.action?newtype=0301\u0026contentid=news1000001069\u0026idabspath=0301_10001\u0026nameabspath=services%2520news"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3268"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu225404/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3268"
},
{
"trust": 0.6,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03515685"
},
{
"trust": 0.6,
"url": "http://support.huawei.com/support/pages/news/newsinfoaction.do?doc_id=in0000054930\u0026colid=rootenweb"
},
{
"trust": 0.3,
"url": "http://www.hp.com/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3268"
},
{
"trust": 0.2,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "http://www.hp.com/networking/support"
},
{
"trust": 0.2,
"url": "https://h10145.www1.hp.com/help/help_contactinfo.aspx?cwp=2\u0026selectedtab=2"
},
{
"trust": 0.1,
"url": "http://support.huawei.com/enterprise/newsreadaction.action?newtype=0301\u0026amp;contentid=news1000001165\u0026amp;idabspath=0301_10001\u0026amp;nameabspath=services%2520news"
},
{
"trust": 0.1,
"url": "http://support.huawei.com/support/pages/news/newsinfoaction.do?doc_id=in0000054930\u0026amp;colid=rootenweb%7cco0000000170\u0026amp;actionflag=view"
},
{
"trust": 0.1,
"url": "http://grutztopia.jingojango.net/"
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org/"
},
{
"trust": 0.1,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03515685\u0026ac.admitted=1350939600802.876444892.492883150"
},
{
"trust": 0.1,
"url": "https://github.com/grutz/h3c-pt-tools"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "BID",
"id": "56183"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "PACKETSTORM",
"id": "117623"
},
{
"db": "PACKETSTORM",
"id": "117625"
},
{
"db": "PACKETSTORM",
"id": "117678"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#225404"
},
{
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"db": "VULHUB",
"id": "VHN-56549"
},
{
"db": "BID",
"id": "56183"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"db": "PACKETSTORM",
"id": "117623"
},
{
"db": "PACKETSTORM",
"id": "117625"
},
{
"db": "PACKETSTORM",
"id": "117678"
},
{
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-24T00:00:00",
"db": "CERT/CC",
"id": "VU#225404"
},
{
"date": "2012-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"date": "2013-02-01T00:00:00",
"db": "VULHUB",
"id": "VHN-56549"
},
{
"date": "2012-10-23T00:00:00",
"db": "BID",
"id": "56183"
},
{
"date": "2012-10-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"date": "2012-10-23T23:55:55",
"db": "PACKETSTORM",
"id": "117623"
},
{
"date": "2012-10-24T15:05:01",
"db": "PACKETSTORM",
"id": "117625"
},
{
"date": "2012-10-26T15:13:41",
"db": "PACKETSTORM",
"id": "117678"
},
{
"date": "2013-02-01T11:49:52.647000",
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"date": "2012-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-26T00:00:00",
"db": "CERT/CC",
"id": "VU#225404"
},
{
"date": "2012-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6060"
},
{
"date": "2018-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-56549"
},
{
"date": "2012-10-24T17:31:00",
"db": "BID",
"id": "56183"
},
{
"date": "2013-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005125"
},
{
"date": "2023-11-07T02:11:32.310000",
"db": "NVD",
"id": "CVE-2012-3268"
},
{
"date": "2021-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP/H3C and Huawei networking equipment h3c-user snmp vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#225404"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-540"
}
],
"trust": 0.6
}
}
VAR-200205-0149
Vulnerability from variot - Updated: 2023-12-18 12:47Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. SNMP requests are messages sent from manager to agent systems. They typically poll the agent for current performance or configuration information, ask for the next SNMP object in a Management Information Base (MIB), or modify the configuration settings of the agent. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
Original release date: February 12, 2002 Last revised: -- Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.
In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Many other systems making use of SNMP may also be vulnerable but were not specifically tested.
In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html
I. Description
The Simple Network Management Protocol (SNMP) is a widely deployed protocol that is commonly used to monitor and manage network devices. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C
OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.
Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.
These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.
II.
III. Solution
Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.
Disable the SNMP service
As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.
Ingress filtering
As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.
snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages
The following services are less common, but may be used on some affected products
snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port
As noted above, you should carefully consider the impact of blocking services that you may be using.
It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)
Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.
Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)
snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249
Please note that this workaround may not protect vulnerable devices from internal attacks.
Filter SNMP traffic from non-authorized internal hosts
In many networks, only a limited number of network management systems need to originate SNMP request messages. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.
Change default community strings
Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.
Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.
Segregate SNMP traffic onto a separate management network
In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.
Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.
Note that these solutions may require extensive changes to a site's network architecture.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.
Disable stack execution
Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:
set noexec_user_stack = 1 set noexec_user_stack_log = 1
Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.
Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.
Share tools and techniques
Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.
You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type
subscribe snmp-forum
After you receive the confirmation message, follow the instructions in the message to complete the subscription process.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.
AdventNet
This is in reference to your notification regarding [VU#107186 and
VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this
behavior in their products and coded a Service Pack fix which is
currently in regression testing in AdventNet Inc.'s Q.A.
organization. The release of AdventNet Inc's. Service Pack
correcting the behavior outlined in VU#617947, and OUSPG#0100 is
scheduled to be generally available to all of AdventNet Inc.'s
customers by February 20, 2002.
Avaya
Avaya Inc. No further information is available at this time.
CacheFlow
The purpose of this email is to advise you that CacheFlow Inc. has
provided a software update. Please be advised that updated versions
of the software are now available for all supported CacheFlow
hardware platforms, and may be obtained by CacheFlow customers at
the following URL:
http://download.cacheflow.com/
The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.
RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm
RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm
* SR 1-1647517, VI 13045: This update modified a potential
vulnerability by using an SNMP test tools exploit.
3Com Corporation
A vulnerability to an SNMP packet with an invalid length community
string has been resolved in the following products. Customers
concerned about this weakness should ensure that they upgrade to
the following agent versions:
PS Hub 40
2.16 is due Feb 2002
PS Hub 50
2.16 is due Feb 2002
Dual Speed Hub
2.16 is due Jan 2002
Switch 1100/3300
2.68 is available now
Switch 4400
2.02 is available now
Switch 4900
2.04 is available now
WebCache1000/3000
2.00 is due Jan 2002
Caldera
Caldera International, Inc. has reproduced faulty behavior in
Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
8. We have coded a software fix for supported versions of Caldera
UnixWare 7 and Caldera Open UNIX 8 that will be available from
our support site at http://stage.caldera.com/support/security
immediately following the publication of this CERT announcement. A
fix for supported versions of OpenServer 5 will be available at a
later date.
Cisco Systems
Cisco Systems is addressing the vulnerabilities identified by
VU#854306 and VU#107186 across its entire product line. Cisco will
publish a security advisory with further details at
http://www.cisco.com/go/psirt/.
Compaq Computer Corporation
x-ref: SSRT0779U SNMP
At the time of writing this document, COMPAQ continues to evaluate
this potential problem and when new versions of SNMP are available,
COMPAQ will implement solutions based on the new code. Compaq will
provide notice of any new patches as a result of that effort
through standard patch notification procedures and be available
from your normal Compaq Services support channel.
Computer Associates
Computer Associates has confirmed Unicenter vulnerability to the
SNMP advisory identified by CERT notification reference [VU#107186
& VU#854306] and OUSPG#0100. We have produced corrective
maintenance to address these vulnerabilities, which is in the
process of publication for all applicable releases / platforms and
will be offered through the CA Support site. Please contact our
Technical Support organization for information regarding
availability / applicability for your specific configuration(s).
COMTEK Services, Inc.
NMServer for AS/400 is not an SNMP master and is therefore not
vulnerable. However this product requires the use of the AS/400
SNMP master agent supplied by IBM.
NMServer for OpenVMS has been tested and has shown to be
vulnerable. COMTEK Services is preparing a new release of this
product (version 3.5) which will contain a fix for this problem.
This new release is scheduled to be available in February 2002.
Contact COMTEK Services for further information.
NMServer for VOS has not as yet been tested; vulnerability of this
agent is unknown. Contact for further information on the testing
schedule of the VOS product.
Covalent Technologies
Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
and Conductor SNMP module are not vulnerable according to testing
performed in accordance with CERT recommendations. Security
information for Covalent products can be found at www.covalent.net
Dartware, LLC
Dartware, LLC (www.dartware.com) supplies two products that use
SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present
and past versions of these two software packages.
DMH Software
DMH Software is in the process of evaluating and attempting to
reproduce this behavior.
It is unclear at this point if our snmp-agent is sensitive to the
tests described above.
If any problems will be discovered, DMH Software will code a
software fix.
The release of DMH Software OS correcting the behavior outlined in
VU#854306, VU#107186, and OUSPG#0100 will be generally available to
all of DMH Software's customers as soon as possible.
EnGarde Secure Linux
EnGarde Secure Linux did not ship any SNMP packages in version
1.0.1 of our distribution, so we are not vulnerable to either bug.
FreeBSD
FreeBSD does not include any SNMP software by default, and so is
not vulnerable. However, the FreeBSD Ports Collection contains the
UCD-SNMP / NET-SNMP package. Package versions prior to
ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release
will ship the corrected version of the UCD-SNMP / NET-SNMP
package. In addition, the corrected version of the packages is
available from the FreeBSD mirrors.
FreeBSD has issued the following FreeBSD Security Advisory
regarding the UCD-SNMP / NET-SNMP package:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.
snmp.asc.
Hewlett-Packard Company
SUMMARY - known vulnerable:
========================================
hp procurve switch 2524
NNM (Network Node Manager)
JetDirect Firmware (Older versions only)
HP-UX Systems running snmpd or OPENVIEW
MC/ServiceGuard
EMS
Still under investigation:
SNMP/iX (MPE/iX)
========================================
_________________________________________________________
---------------------------------------------------------
hp procurve switch 2524
---------------------------------------------------------
hp procurve switch 2525 (product J4813A) is vulnerable to some
issues, patches in process. Watch for the associated HP
Security Bulletin.
---------------------------------------------------------
NNM (Network Node Manager)
---------------------------------------------------------
Some problems were found in NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
---------------------------------------------------------
JetDirect Firmware (Older versions only)
---------------------------------------------------------
ONLY some older versions of JetDirect Firmware are
vulnerable to some of the issues. The older firmware
can be upgraded in most cases, see list below.
JetDirect Firmware Version State
========================== =====
X.08.32 and higher NOT Vulnerable
X.21.00 and higher NOT Vulnerable
JetDirect Product Numbers that can be freely
upgraded to X.08.32 or X.21.00 or higher firmware.
EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
J3110A 10T
J3111A 10T/10B2/LocalTalk
J3112A Token Ring (discontinued)
J3113A 10/100 (discontinued)
J4169A 10/100
J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
J2550A/B 10T (discontinued)
J2552A/B 10T/10Base2/LocalTalk (discontinued)
J2555A/B Token Ring (discontinued)
J4100A 10/100
J4105A Token Ring
J4106A 10T
External Print Servers
J2591A EX+ (discontinued)
J2593A EX+3 10T/10B2 (discontinued)
J2594A EX+3 Token Ring (discontinued)
J3263A 300X 10/100
J3264A 500X Token Ring
J3265A 500X 10/100
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated
Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
================================================================
NOTE: The patches are labeled OV(Open View). However, the patches
are also applicable to systems that are not running Open View.
=================================================================
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is
vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing
their
entries from /etc/services and removing the execute permissions
from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
----------------------------------------------------------------
Investigation completed, systems vulnerable.
----------------------------------------------------------------
MC/ServiceGuard
Event Monitoring System (EMS)
----------------------------------------------------------------
Still under investigation:
----------------------------------------------------------------
SNMP/iX (MPE/iX)
Hirschmann Electronics GmbH & Co. KG
Hirschmann Electronics GmbH & Co. KG supplies a broad range of
networking products, some of which are affected by the SNMP
vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence
Center (phone +49-7127-14-1538, email:
ans-support@nt.hirschmann.de) for additional information,
especially regarding availability of latest firmware releases
addressing the SNMP vulnerabilities.
IBM Corporation
Based upon the results of running the test suites we have
determined that our version of SNMP shipped with AIX is NOT
vulnerable.
Innerdive Solutions, LLC
Innerdive Solutions, LLC has two SNMP based products:
1. The "SNMP MIB Scout"
(http://www.innerdive.com/products/mibscout/)
2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
The "SNMP MIB Scout" is not vulnerable to either bug.
The "Router IP Console" releases prior to 3.3.0.407 are vulnerable.
The release of "Router IP Console" correcting the behavior outlined
in OUSPG#0100 is 3.3.0.407 and is already available on our site.
Also, we will notify all our customers about this new release no
later than March 5, 2002.
Juniper Networks
This is in reference to your notification regarding CAN-2002-0012
and CAN-2002-0013. Juniper Networks has reproduced this behavior
and coded a software fix. The fix will be included in all releases
of JUNOS Internet software built after January 5, 2002. Customers
with current support contracts can download new software with the
fix from Juniper's web site at www.juniper.net.
Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
only be reproduced in JUNOS Internet software if certain tracing
options are enabled. These options are generally not enabled in
production routers.
Lantronix, Inc.
Lantronix is committed to resolving security issues with our
products. The SNMP security bug you reported has been fixed in LRS
firmware version B1.3/611(020123).
Lotus Development Corporation
Lotus Software evaluated the Lotus Domino Server for
vulnerabilities using the test suite materials provided by OUSPG.
This problem does not affect default installations of the Domino
Server. However, SNMP agents can be installed from the CD to
provide SNMP services for the Domino Server (these are located in
the /apps/sysmgmt/agents directory). The optional platform
specific master and encapsulator agents included with the Lotus
Domino SNMP Agents for HP-UX and Solaris have been found to be
vulnerable. For those platforms, customers should upgrade to
version R5.0.1 a of the Lotus Domino SNMP Agents, available for
download from the Lotus Knowledge Base on the IBM Support Web Site
(http://www.ibm.com/software/lotus/support/). Please refer to
Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in the
Lotus Knowledge Base, for more details.
LOGEC Systems Inc
The products from LOGEC Systems are exposed to SNMP only via HP
OpenView. We do not have an implementation of SNMP ourselves. As
such, there is nothing in our products that would be an issue with
this alert.
Lucent
Lucent is aware of reports that there is a vulnerability in certain
implementations of the SNMP (Simple Network Management Protocol)
code that is used in data switches and other hardware throughout
the telecom industry.
As soon as we were notified by CERT, we began assessing our product
portfolio and notifying customers with products that might be
affected.
Our 5ESS switch and most of our optical portfolio were not
affected. Our core and edge ATM switches and most of our edge
access products are affected, but we have developed, tested, and
deployed fixes for many of those products to our customers.
We consider the security and reliability of our customers' networks
to be one of our critical measures of success. We take every
reasonable measure to ensure their satisfaction.
In addition, we are working with customers on ways to further
enhance the security they have in place today.
Marconi
Marconi supplies a broad range of telecommunications and related
products, some of which are affected by the SNMP vulnerabilities
identified here. Those
Marconi customers with support entitlement may contact the
appropriate Technical Assistance Center (TAC) for additional
information. Those not under support entitlement may contact their
sales representative.
Microsoft Corporation
The Microsoft Security Reponse [sic] Center has investigated this
issue, and provides the following information. The SNMP v1 service is not installed or running by
default on any version of Windows. A patch is underway to eliminate
the vulnerability. In the meantime, we recommend that affected
customers disable the SNMP v1 service.
Details:
An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE.
It is not installed or running by default on any of these
platforms. An SNMP v1 is NOT provided for Windows ME. However, it
is possible that Windows 98 machines which had the service
installed and were upgraded would still have the service. Since
SNMP is not supported for WinME, customers in this situation are
urged to remove the SNMP service.
An SNMP v1 service is available on Windows NT 4.0 (including
Terminal Server Edition) and Windows 2000 but is not installed or
running by default on any of these platforms.Windows XP does not
ship with an SNMP v1 service.
Remediation:
A patch is underway for the affected platforms, and will be
released shortly. In the meantime, Microsoft recommends that
customers who have the SNMP v1 service running disable it to
protect their systems. Following are instruction for doing this:
Windows 95, 98 and 98SE:
1. In Control Panel, double-click Network.
2. On the Configuration tab, select Microsoft SNMP Agent from the
list of installed components.
3. Click Remove
Check the following keys and confirm that snmp.exe is not listed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
vices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
For Windows XP:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
For Windows NT 4.0 (including Terminal Server Edition):
1. Select Start, then Settings.
2. Select Control Panel, then click on the Services Icon
3. Locate SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close Control Panel
Windows 2000:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
Multinet
MultiNet and TCPware customers should contact Process Software to
check for the availability of patches for this issue. A couple of
minor problems were found and fixed, but there is no security risk
related to the SNMP code included with either product.
Netaphor
NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,
two Java based products that may be affected by the SNMP
vulnerabilities identified here. The manner in which they are
affected and the actions required (if any) to avoid being impacted
by exploitation of these vulnerabilities, may be obtained by
contacting Netaphor via email at info@netaphor.com Customers with
annual support may contact support@netaphor.com directly. Those not
under support entitlement may contact Netaphor sales:
sales@netaphor.com or (949) 470 7955 in USA.
NetBSD
NetBSD does not ship with any SNMP tools in our 'base' releases. We
do provide optional packages which provide various support for
SNMP. These packages are not installed by default, nor are they
currently provided as an install option by the operating system
installation tools. A system administrator/end-user has to manually
install this with our package management tools. These SNMP packages
include:
+ netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for
netsaint)
+ p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
+ p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP
library
+ p5-SNMP_Session-0.83 (perl5 module providing rudimentary
access to remote SNMP agents)
+ ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.1.2)
+ ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called
'audit-packages', which allows us to highlight if a package with a
range of versions has a potential vulnerability, and recommends
that the end-user upgrade the packages in question.
Netscape Communications Corporation
Netscape continues to be committed to maintaining a high level of
quality in our software and service offerings. Part of this
commitment includes prompt response to security issues discovered
by organizations such as the CERT Coordination Center.
According to a recent CERT/CC advisory, The Oulu University Secure
Programming Group (OUSPG) has reported numerous vulnerabilities in
multiple vendor SNMPv1 implementations.
We have carefully examined the reported findings, performing the
tests suggested by the OUSPG to determine whether Netscape server
products were subject to these vulnerabilities. It was determined
that several products fell into this category. As a result, we have
created fixes which will resolve the issues, and these fixes will
appear in future releases of our product line. To Netscape's
knowledge, there are no known instances of these vulnerabilities
being exploited and no customers have been affected to date.
When such security warnings are issued, Netscape has committed to -
and will continue to commit to - resolving these issues in a prompt
and timely fashion, ensuring that our customers receive products of
the highest quality and security.
NET-SNMP
All ucd-snmp version prior to 4.2.2 are susceptible to this
vulnerability and users of versions prior to version 4.2.2 are
encouraged to upgrade their software as soon as possible
(http://www.net-snmp.org/download/). Version 4.2.2 and higher are
not susceptible.
Network Associates
PGP is not affected, impacted, or otherwise related to this VU#.
Network Computing Technologies
Network Computing Technologies has reviewed the information
regarding SNMP vulnerabilities and is currently investigating the
impact to our products.
Nokia
This vulnerability is known to affect IPSO versions 3.1.3, 3.3,
3.3.1, 3.4, and 3.4.1. Patches are currently available for
versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia
website. In addition, version 3.4.2 shipped with the patch
incorporated, and the necessary fix will be included in all future
releases of IPSO.
We recommend customers install the patch immediately or follow the
recommended precautions below to avoid any potential exploit.
If you are not using SNMP services, including Traps, simply disable
the SNMP daemon to completely eliminate the potential
vulnerability.
If you are using only SNMP Traps and running Check Point
FireWall-1, create a firewall policy to disallow incoming SNMP
messages on all appropriate interfaces. Traps will continue to work
normally.
Nortel Networks
The CERT Coordination Center has issued a broad based alert to the
technology industry, including Nortel Networks, regarding potential
security vulnerabilities identified in the Simple Network
Management Protocol (SNMP), a common networking standard. The
company is working with CERT and other network equipment
manufacturers, the U.S. Government, service providers, and software
suppliers to assess and address this issue.
Novell
Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on
NetWare are fixed and will be available through NetWare 6 Support
Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
http://support.novell.com/tools/csp/
OpenBSD
OpenBSD does not ship SNMP code.
Qualcomm
WorldMail does not support SNMP by default, so customers who run
unmodified installations are not vulnerable.
Redback Networks, Inc.
Redback Networks, Inc. has identified that the vulnerability in
question affects certain versions of AOS software on the SMS 500,
SMS 1800, and SMS 10000 platforms, and is taking the appropriate
steps necessary to correct the issue.
Red Hat
RedHat has released a security advisiory [sic] at
http://www.redhat.com/support/errata/RHSA-2001-163.html
with updated versions of the ucd-snmp package for all supported
releases and architectures. For more information or to download the
update please visit this page.
SGI
SGI acknowledges the SNMP vulnerabilities reported by CERT and is
currently investigating. No further information is available at
this time.
For the protection of all our customers, SGI does not disclose,
discuss or confirm vulnerabilities until a full investigation has
occurred and any necessary patch(es) or release streams are
available for all vulnerable and supported IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable
and take appropriate steps according to local site security
policies and requirements. As further information becomes
available, additional advisories will be issued via the normal SGI
security information distribution methods including the wiretap
mailing list on http://www.sgi.com/support/security/.
SNMP Research International
SNMP Research has made the following vendor statement. They are
likely to revise and expand the statement as the date for the
public vulnerability announcement draws nearer. Users maintaining
earlier releases should update to the current release if they have
not already done so. Up-to-date information is available from
support@snmp.com. Other Stonesoft's products are
still under investigation. As further information becomes
available, additional advisories will be available at
http://www.stonesoft.com/support/techcenter/
Sun Microsystems, Inc.
Sun's SNMP product, Solstice Enterprise Agents (SEA), described
here:
http://www.sun.com/solstice/products/ent.agents/
is affected by VU#854306 but not VU#107186. More specifically the
main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8.
Sun is currently generating patches for this issue and will be
releasing a Sun Security Bulletin once the patches are available.
The bulletin will be available from:
http://sunsolve.sun.com/security. Sun patches are available from:
http://sunsolve.sun.com/securitypatch.
Symantec Corporation
Symantec Corporation has investigated the SNMP issues identified by
the OUSPG test suite and determined that Symantec products are not
susceptable [sic] to these issues.
TANDBERG
Tandberg have run all the testcases found the PROTOS test-suie
[sic], c06snmpv1:
1. c06-snmpv1-trap-enc-pr1.jar
2. c06-snmpv1-treq-app-pr1.jar
3. c06-snmpv1-trap-enc-pr1.jar
4. c06-snmpv1-req-app-pr1.jar
The tests were run with standard delay time between the requests
(100ms), but also with a delay of 1ms. The tests applies to all
TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The
software tested on these products were B4.0 (our latest software)
and no problems were found when running the test suite.
Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt
Appendix C. - Background Information
Background Information on the OUSPG
OUSPG is an academic research group located at Oulu University in
Finland. The purpose of this research group is to test software
for vulnerabilities.
History has shown that the techniques used by the OUSPG have
discovered a large number of previously undetected problems in the
products and protocols they have tested. In 2001, the OUSPG
produced a comprehensive test suite for evaluating implementations
of the Lightweight Directory Access Protocol (LDAP). This test
suite was developed with the strategy of abusing the protocol in
unsupported and unexpected ways, and it was very effective in
uncovering a wide variety of vulnerabilities across several
products. This approach can reveal vulnerabilities that would not
manifest themselves under normal conditions.
After completing its work on LDAP, OUSPG moved its focus to
SNMPv1. As with LDAP, they designed a custom test suite, began
testing a selection of products, and found a number of
vulnerabilities. Because OUSPG's work on LDAP was similar in
procedure to its current work on SNMP, you may wish to review the
LDAP Test Suite and CERT Advisory CA-2001-18, which outlined
results of application of the test suite.
In order to test the security of protocols like SNMPv1, the PROTOS
project presents a server with a wide variety of sample packets
containing unexpected values or illegally formatted data. As a
member of the PROTOS project consortium, the OUSPG used the PROTOS
c06-snmpv1 test suite to study several implementations of the
SNMPv1 protocol.
Background Information on the Simple Network Management Protocol
The Simple Network Management Protocol (SNMP) is the most popular
protocol in use to manage networked devices. SNMP was designed in
the late 80's to facilitate the exchange of management information
between networked devices, operating at the application layer of
the ISO/OSI model. The SNMP protocol enables network and system
administrators to remotely monitor and configure devices on the
network (devices such as switches and routers). Software and
firmware products designed for networks often make use of the SNMP
protocol. SNMP runs on a multitude of devices and operating
systems, including, but not limited to,
+ Core Network Devices (Routers, Switches, Hubs, Bridges, and
Wireless Network Access Points)
+ Operating Systems
+ Consumer Broadband Network Devices (Cable Modems and DSL
Modems)
+ Consumer Electronic Devices (Cameras and Image Scanners)
+ Networked Office Equipment (Printers, Copiers, and FAX
Machines)
+ Network and Systems Management/Diagnostic Frameworks (Network
Sniffers and Network Analyzers)
+ Uninterruptible Power Supplies (UPS)
+ Networked Medical Equipment (Imaging Units and Oscilloscopes)
+ Manufacturing and Processing Equipment
The SNMP protocol is formally defined in RFC1157. Quoting from
that RFC:
Implicit in the SNMP architectural model is a collection
of network management stations and network elements.
Network management stations execute management
applications which monitor and control network elements.
Network elements are devices such as hosts, gateways,
terminal servers, and the like, which have management
agents responsible for performing the network management
functions requested by the network management stations.
The Simple Network Management Protocol (SNMP) is used to
communicate management information between the network
management stations and the agents in the network
elements.
Additionally, SNMP is discussed in a number of other RFC
documents:
+ RFC 3000 Internet Official Protocol Standards
+ RFC 1212 Concise MIB Definitions
+ RFC 1213 Management Information Base for Network Management
of TCP/IP-based Internets: MIB-II
+ RFC 1215 A Convention for Defining Traps for use with the
SNMP
+ RFC 1270 SNMP Communications Services
+ RFC 2570 Introduction to Version 3 of the Internet-standard
Network Management Framework
+ RFC 2571 An Architecture for Describing SNMP Management
Frameworks
+ RFC 2572 Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)
+ RFC 2573 SNMP Applications
+ RFC 2574 User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
+ RFC 2575 View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)
+ RFC 2576 Coexistence between Version 1, Version 2, and
Version 3 of the Internet-standard Network Management
Framework
_____________________________________________________________
The CERT Coordination Center thanks the Oulu University Secure
Programming Group for reporting these vulnerabilities to us, for
providing detailed technical analyses, and for assisting us in
preparing this advisory. We also thank Steven M. Bellovin (AT&T
Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),
Rob Thomas, Blue Boar (Thievco), and the many others who
contributed to this document.
_____________________________________________________________
Feedback on this document can be directed to the authors, Ian A.
Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D.
Householder, Marty Lindner, and Art Manion.
__________________________________________________________________
This document is available from:
http://www.cert.org/advisories/CA-2002-03.html
__________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
EDT(GMT-4) Monday through Friday; they are on call for emergencies
during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by
email. Our public PGP key is available from
http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available
from our web site
http://www.cert.org/
To subscribe to the CERT mailing list for advisories and
bulletins, send email to majordomo@cert.org. Please include in the
body of your message
subscribe cert-advisory
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
__________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the
Software Engineering Institute is furnished on an "as is" basis.
Carnegie Mellon University makes no warranties of any kind, either
expressed or implied as to any matter including, but not limited
to, warranty of fitness for a particular purpose or
merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of
any kind with respect to freedom from patent, trademark, or
copyright infringement.
_____________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
February 12, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": "ne",
"trust": 5.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": "ne",
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.9,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "ios 12.0 xe",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 dc2",
"scope": "ne",
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ios 12.0 s7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 xe?",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 wc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xu",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "ios 12.1 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "sunnet manager sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunnet manager intel",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunmc rr",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1.1"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "emulex 1gbit fibrechannel hub",
"scope": null,
"trust": 0.3,
"vendor": "sgi",
"version": null
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.1.3"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "gzip",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "3.1.02"
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.21"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.19"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.18"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.17"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.16"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.15"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.20"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.10"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.09"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.08"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.07"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.06"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.05"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.04"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.03"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.02"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "cacheos",
"scope": null,
"trust": 0.3,
"vendor": "cacheflow",
"version": null
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "ipso",
"scope": "ne",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "ios 12.0 wc 2900xl-lre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "as5850",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ca1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "netranger sensor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "as5200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7750"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "ios 12.0 wt6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1"
},
{
"model": "traffic director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ios 12.1 e5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ya2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5300",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "cbos b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 11.1 cc4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 aa4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "39203.0(7)"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7100"
},
{
"model": "cva120",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst native mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "ios 12.1 ea1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1005"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.015"
},
{
"model": "ios 12.2 mx1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10700"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "distributed director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2501"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "ios 12.1 yi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "ios 12.1 ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232"
},
{
"model": "ios 12.1 ec",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "ios 11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7010"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst hybrid mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios 12.0 wc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "snmpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "ios 12.0 st5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ios 12.0 sl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 db2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "ios 12.1 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ios 12.0 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "catalyst msm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nsp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ios 12.0 wx5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "arrowpoint cs11000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "ios 11.1 ct",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr7200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ia",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 t12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 sx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.0 st",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8510csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xz7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "ios 12.1 ea1b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "as5800",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 p2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6200"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1700"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "ios 12.1 e7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "ios 12.2 t1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 xa5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "ios 12.1 ew1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ca",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.053"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "ios 12.2 mb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ios 12.2 t0a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "ios 12.0 wc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sl6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5400",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "ios 12.0 wc2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1400"
},
{
"model": "ios 12.1 yb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.0 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "ubr900",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "ios 12.2 xb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 t2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 sa6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sc2200/vsc3000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 bc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "ios 12.2 xj1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bc1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 12.1 xm7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "catalyst supervisor module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ap352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(7)xv"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "netranger",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ex3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "ios 12.2 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ios 12.0 st3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "ios 12.2 xw1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons metro edge optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15327"
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "ios 12.2 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232-13"
},
{
"model": "ios 11.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "catalyst 4908g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios 12.0 s2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 gs6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "ios 12.0 xf1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "rsfc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "ios 12.1 ec1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "ios 11.1 ca2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "ios 12.2 xi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wgb352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cat6k nam",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.1 ea2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rsm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1600"
},
{
"model": "ios 12.1 xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xs?",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "catalyst 8510msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
},
{
"model": "ios 12.2 ya1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service expansion shelf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios 12.0 xe1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "ios 12.1 ex4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 11.1ct",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.1 xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7300"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.2 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "esr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ls1010 atm switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 dc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7.002"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "ios 12.1 xi8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "ios 11.3 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "800"
},
{
"model": "mc3810",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:caldera:openserver:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1570",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-1570",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-001",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. SNMP requests are messages sent from manager to agent systems. They typically poll the agent for current performance or configuration information, ask for the next SNMP object in a Management Information Base (MIB), or modify the configuration settings of the agent. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n Original release date: February 12, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n Products from a very wide variety of vendors may be affected. See\n Vendor Information for details from vendors who have provided feedback\n for this advisory. \n\n In addition to the vendors who provided feedback for this advisory, a\n list of vendors whom CERT/CC contacted regarding these problems is\n available from\n http://www.kb.cert.org/vuls/id/854306\n http://www.kb.cert.org/vuls/id/107186 \n\n Many other systems making use of SNMP may also be vulnerable but were\n not specifically tested. \n\n In addition to this advisory, we also have an FAQ available at\n http://www.cert.org/tech_tips/snmp_faq.html\n\nI. Description\n\n The Simple Network Management Protocol (SNMP) is a widely deployed\n protocol that is commonly used to monitor and manage network devices. \n Version 1 of the protocol (SNMPv1) defines several types of SNMP\n messages that are used to request information or configuration\n changes, respond to requests, enumerate SNMP objects, and send\n unsolicited alerts. The Oulu University Secure Programming Group\n (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous\n vulnerabilities in SNMPv1 implementations from many different vendors. \n More information about SNMP and OUSPG can be found in Appendix C\n\n OUSPG\u0027s research focused on the manner in which SNMPv1 agents and\n managers handle request and trap messages. A trap message\n may indicate a warning or error condition or otherwise notify the\n manager about the agent\u0027s state. Request\n messages might be issued to obtain information from an agent or to\n instruct the agent to configure the host device. \n\n Vulnerabilities in the decoding and subsequent processing of SNMP\n messages by both managers and agents may result in denial-of-service\n conditions, format string vulnerabilities, and buffer overflows. Some\n vulnerabilities do not require the SNMP message to use the correct\n SNMP community string. \n\n These vulnerabilities have been assigned the CVE identifiers\n CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII. \n\nIII. Solution\n\n Note that many of the mitigation steps recommended below may have\n significant impact on your everyday network operations and/or network\n architecture. Ensure that any changes made based on the following\n recommendations will not unacceptably affect your ongoing network\n operations capability. \n\nApply a patch from your vendor\n\n Appendix A contains information provided by vendors for this advisory. \n Please consult this appendix to determine if you need to contact your\n vendor directly. \n\nDisable the SNMP service\n\n As a general rule, the CERT/CC recommends disabling any service or\n capability that is not explicitly required, including SNMP. \n Unfortunately, some of the affected products exhibited unexpected\n behavior or denial of service conditions when exposed to the OUSPG\n test suite even if SNMP was not enabled. In these cases, disabling\n SNMP should be used in conjunction with the filtering practices listed\n below to provide additional protection. \n\nIngress filtering\n\n As a temporary measure, it may be possible to limit the scope of these\n vulnerabilities by blocking access to SNMP services at the network\n perimeter. \n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. Servers are typically the only\n machines that need to accept inbound traffic from the public Internet. \n In the network usage policy of many sites, there are few reasons for\n external hosts to initiate inbound traffic to machines that provide no\n public services. Thus, ingress filtering should be performed at the\n border to prohibit externally initiated inbound traffic to\n non-authorized services. For SNMP, ingress filtering of the following\n ports can prevent attackers outside of your network from impacting\n vulnerable devices in the local network that are not explicitly\n authorized to provide public SNMP services. \n\n snmp 161/udp # Simple Network Management Protocol (SNMP)\n snmp 162/udp # SNMP system management messages\n\n The following services are less common, but may be used on some\n affected products\n\n snmp 161/tcp # Simple Network Management Protocol\n (SNMP)\n snmp 162/tcp # SNMP system management messages\n smux 199/tcp # SNMP Unix Multiplexer\n smux 199/udp # SNMP Unix Multiplexer\n synoptics-relay 391/tcp # SynOptics SNMP Relay Port\n synoptics-relay 391/udp # SynOptics SNMP Relay Port\n agentx 705/tcp # AgentX\n snmp-tcp-port 1993/tcp # cisco SNMP TCP port\n snmp-tcp-port 1993/udp # cisco SNMP TCP port\n\n As noted above, you should carefully consider the impact of blocking\n services that you may be using. \n\n It is important to note that in many SNMP implementations, the SNMP\n daemon may bind to all IP interfaces on the device. This has important\n consequences when considering appropriate packet filtering measures\n required to protect an SNMP-enabled device. For example, even if a\n device disallows SNMP packets directed to the IP addresses of its\n normal network interfaces, it may still be possible to exploit these\n vulnerabilities on that device through the use of packets directed at\n the following IP addresses:\n * \"all-ones\" broadcast address\n * subnet broadcast address\n * any internal loopback addresses (commonly used in routers for\n management purposes, not to be confused with the IP stack loopback\n address 127.0.0.1)\n\n Careful consideration should be given to addresses of the types\n mentioned above by sites planning for packet filtering as part of\n their mitigation strategy for these vulnerabilities. \n\n Finally, sites may wish to block access to the following RPC services\n related to SNMP (listed as name, program ID, alternate names)\n\n snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys\n snmp-utk\n snmpv2 100138 na.snmpv2 # SNM Version 2.2.2\n snmpXdmid 100249\n\n Please note that this workaround may not protect vulnerable devices\n from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n In many networks, only a limited number of network management systems\n need to originate SNMP request messages. This can reduce, but not wholly eliminate, the\n risk from internal attacks. However, it may have detrimental effects\n on network performance due to the increased load imposed by the\n filtering, so careful consideration is required before implementation. \n Similar caveats to the previous workaround regarding broadcast and\n loopback addresses apply. \n\nChange default community strings\n\n Most SNMP-enabled products ship with default community strings of\n \"public\" for read-only access and \"private\" for read-write access. As\n with any known default access control mechanism, the CERT/CC\n recommends that network administrators change these community strings\n to something of their own choosing. However, even when community\n strings are changed from their defaults, they will still be passed in\n plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n offers additional capabilities to ensure authentication and privacy as\n described in RFC2574. \n\n Because many of the vulnerabilities identified in this advisory occur\n before the community strings are evaluated, it is important to note\n that performing this step alone is not sufficient to mitigate the\n impact of these vulnerabilities. Nonetheless, it should be performed\n as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n In situations where blocking or disabling SNMP is not possible,\n exposure to these vulnerabilities may be limited by restricting all\n SNMP access to separate, isolated management networks that are not\n publicly accessible. Although this would ideally involve physically\n separate networks, that kind of separation is probably not feasible in\n most environments. Mechanisms such as virtual LANs (VLANs) may be used\n to help segregate traffic on the same physical network. Note that\n VLANs may not strictly prevent an attacker from exploiting these\n vulnerabilities, but they may make it more difficult to initiate the\n attacks. \n\n Another option is for sites to restrict SNMP traffic to separate\n virtual private networks (VPNs), which employ cryptographically strong\n authentication. \n\n Note that these solutions may require extensive changes to a site\u0027s\n network architecture. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound traffic to the\n Internet. In the case of SNMP vulnerabilities, employing egress\n filtering on the ports listed above at your network border can prevent\n your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n Disabling executable stacks (on systems where this is configurable)\n can reduce the risk of \"stack smashing\" attacks based on these\n vulnerabilities. Although this does not provide 100 percent protection\n against exploitation of these vulnerabilities, it makes the likelihood\n of a successful exploit much smaller. On many UNIX systems, executable\n stacks can be disabled by adding the following lines to /etc/system:\n\n set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n Note that this may go against the SPARC and Intel ABIs and can be\n bypassed as required in programs with mprotect(2). For the changes to\n take effect you will then need to reboot. \n\n Other operating systems and architectures also support the disabling\n of executable stacks either through native configuration parameters or\n via third-party software. Consult your vendor(s) for additional\n information. \n\nShare tools and techniques\n\n Because dealing with these vulnerabilities to systems and networks is\n so complex, the CERT/CC will provide a forum where administrators can\n share ideas and techniques that can be used to develop proper\n defenses. We have created an unmoderated mailing list for system and\n network administrators to discuss helpful techniques and tools. \n\n You can subscribe to the mailing list by sending an email message to\n majordomo@cert.org. In the body of the message, type\n\n subscribe snmp-forum\n\n After you receive the confirmation message, follow the instructions in\n the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. As vendors report new information to the CERT/CC, we will\n update this section and note the changes in our revision history. If a\n particular vendor is not listed below, we have not received their\n comments. \n\nAdventNet\n\n This is in reference to your notification regarding [VU#107186 and\n VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this\n behavior in their products and coded a Service Pack fix which is\n currently in regression testing in AdventNet Inc.\u0027s Q.A. \n organization. The release of AdventNet Inc\u0027s. Service Pack\n correcting the behavior outlined in VU#617947, and OUSPG#0100 is\n scheduled to be generally available to all of AdventNet Inc.\u0027s\n customers by February 20, 2002. \n\nAvaya\n\n Avaya Inc. No further information is available at this time. \n\nCacheFlow\n\n The purpose of this email is to advise you that CacheFlow Inc. has\n provided a software update. Please be advised that updated versions\n of the software are now available for all supported CacheFlow\n hardware platforms, and may be obtained by CacheFlow customers at\n the following URL:\n\n http://download.cacheflow.com/\n\n The specific reference to the software update is contained within the\n Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15\n Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n * SR 1-1647517, VI 13045: This update modified a potential\n vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n A vulnerability to an SNMP packet with an invalid length community\n string has been resolved in the following products. Customers\n concerned about this weakness should ensure that they upgrade to\n the following agent versions:\n PS Hub 40\n 2.16 is due Feb 2002\n PS Hub 50\n 2.16 is due Feb 2002\n Dual Speed Hub\n 2.16 is due Jan 2002\n Switch 1100/3300\n 2.68 is available now\n Switch 4400\n 2.02 is available now\n Switch 4900\n 2.04 is available now\n WebCache1000/3000\n 2.00 is due Jan 2002\n\nCaldera\n\n Caldera International, Inc. has reproduced faulty behavior in\n Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n 8. We have coded a software fix for supported versions of Caldera\n UnixWare 7 and Caldera Open UNIX 8 that will be available from\n our support site at http://stage.caldera.com/support/security\n immediately following the publication of this CERT announcement. A\n fix for supported versions of OpenServer 5 will be available at a\n later date. \n\nCisco Systems\n\n Cisco Systems is addressing the vulnerabilities identified by\n VU#854306 and VU#107186 across its entire product line. Cisco will\n publish a security advisory with further details at\n http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n x-ref: SSRT0779U SNMP\n At the time of writing this document, COMPAQ continues to evaluate\n this potential problem and when new versions of SNMP are available,\n COMPAQ will implement solutions based on the new code. Compaq will\n provide notice of any new patches as a result of that effort\n through standard patch notification procedures and be available\n from your normal Compaq Services support channel. \n\nComputer Associates\n\n Computer Associates has confirmed Unicenter vulnerability to the\n SNMP advisory identified by CERT notification reference [VU#107186\n \u0026 VU#854306] and OUSPG#0100. We have produced corrective\n maintenance to address these vulnerabilities, which is in the\n process of publication for all applicable releases / platforms and\n will be offered through the CA Support site. Please contact our\n Technical Support organization for information regarding\n availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n NMServer for AS/400 is not an SNMP master and is therefore not\n vulnerable. However this product requires the use of the AS/400\n SNMP master agent supplied by IBM. \n\n NMServer for OpenVMS has been tested and has shown to be\n vulnerable. COMTEK Services is preparing a new release of this\n product (version 3.5) which will contain a fix for this problem. \n This new release is scheduled to be available in February 2002. \n Contact COMTEK Services for further information. \n\n NMServer for VOS has not as yet been tested; vulnerability of this\n agent is unknown. Contact for further information on the testing\n schedule of the VOS product. \n\nCovalent Technologies\n\n Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n and Conductor SNMP module are not vulnerable according to testing\n performed in accordance with CERT recommendations. Security\n information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n Dartware, LLC (www.dartware.com) supplies two products that use\n SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present\n and past versions of these two software packages. \n\nDMH Software\n\n DMH Software is in the process of evaluating and attempting to\n reproduce this behavior. \n It is unclear at this point if our snmp-agent is sensitive to the\n tests described above. \n If any problems will be discovered, DMH Software will code a\n software fix. \n The release of DMH Software OS correcting the behavior outlined in\n VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n EnGarde Secure Linux did not ship any SNMP packages in version\n 1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n FreeBSD does not include any SNMP software by default, and so is\n not vulnerable. However, the FreeBSD Ports Collection contains the\n UCD-SNMP / NET-SNMP package. Package versions prior to\n ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release\n will ship the corrected version of the UCD-SNMP / NET-SNMP\n package. In addition, the corrected version of the packages is\n available from the FreeBSD mirrors. \n\n FreeBSD has issued the following FreeBSD Security Advisory\n regarding the UCD-SNMP / NET-SNMP package:\n ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n snmp.asc. \n\nHewlett-Packard Company\n\n SUMMARY - known vulnerable:\n ========================================\n hp procurve switch 2524\n NNM (Network Node Manager)\n JetDirect Firmware (Older versions only)\n HP-UX Systems running snmpd or OPENVIEW\n MC/ServiceGuard\n EMS\n Still under investigation:\n SNMP/iX (MPE/iX)\n ========================================\n _________________________________________________________\n ---------------------------------------------------------\n hp procurve switch 2524 \n ---------------------------------------------------------\n hp procurve switch 2525 (product J4813A) is vulnerable to some\n issues, patches in process. Watch for the associated HP\n Security Bulletin. \n ---------------------------------------------------------\n NNM (Network Node Manager)\n ---------------------------------------------------------\n Some problems were found in NNM product were related to\n trap handling. Patches in process. Watch for the\n associated HP Security Bulletin. \n ---------------------------------------------------------\n JetDirect Firmware (Older versions only)\n ---------------------------------------------------------\n ONLY some older versions of JetDirect Firmware are\n vulnerable to some of the issues. The older firmware\n can be upgraded in most cases, see list below. \n JetDirect Firmware Version State\n ========================== =====\n X.08.32 and higher NOT Vulnerable\n X.21.00 and higher NOT Vulnerable\n JetDirect Product Numbers that can be freely\n upgraded to X.08.32 or X.21.00 or higher firmware. \n EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n J3110A 10T\n J3111A 10T/10B2/LocalTalk\n J3112A Token Ring (discontinued)\n J3113A 10/100 (discontinued)\n J4169A 10/100\n J4167A Token Ring\n MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n J2550A/B 10T (discontinued)\n J2552A/B 10T/10Base2/LocalTalk (discontinued)\n J2555A/B Token Ring (discontinued)\n J4100A 10/100\n J4105A Token Ring\n J4106A 10T\n External Print Servers\n J2591A EX+ (discontinued)\n J2593A EX+3 10T/10B2 (discontinued)\n J2594A EX+3 Token Ring (discontinued)\n J3263A 300X 10/100\n J3264A 500X Token Ring\n J3265A 500X 10/100\n ----------------------------------------------------------\n HP-UX Systems running snmpd or OPENVIEW\n ----------------------------------------------------------\n The following patches are available now:\n PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch\n PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated\n Patch\n All three patches are available from:\n http://support.openview.hp.com/cpe/patches/\n In addition PHSS_26137 and PHSS_26138 will soon be available from:\n http://itrc.hp.com\n ================================================================\n NOTE: The patches are labeled OV(Open View). However, the patches\n are also applicable to systems that are not running Open View. \n =================================================================\n Any HP-UX 10.X or 11.X system running snmpd or snmpdm is\n vulnerable. \n To determine if your HP-UX system has snmpd or snmpdm installed:\n swlist -l file | grep snmpd\n If a patch is not available for your platform or you cannot install\n an available patch, snmpd and snmpdm can be disabled by removing\n their\n entries from /etc/services and removing the execute permissions\n from\n /usr/sbin/snmpd and /usr/sbin/snmpdm. \n ----------------------------------------------------------------\n Investigation completed, systems vulnerable. \n ----------------------------------------------------------------\n MC/ServiceGuard\n Event Monitoring System (EMS)\n ----------------------------------------------------------------\n Still under investigation:\n ----------------------------------------------------------------\n SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n Hirschmann Electronics GmbH \u0026 Co. KG supplies a broad range of\n networking products, some of which are affected by the SNMP\n vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence\n Center (phone +49-7127-14-1538, email:\n ans-support@nt.hirschmann.de) for additional information,\n especially regarding availability of latest firmware releases\n addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n Based upon the results of running the test suites we have\n determined that our version of SNMP shipped with AIX is NOT\n vulnerable. \n\nInnerdive Solutions, LLC\n\n Innerdive Solutions, LLC has two SNMP based products:\n 1. The \"SNMP MIB Scout\"\n (http://www.innerdive.com/products/mibscout/)\n 2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n The \"SNMP MIB Scout\" is not vulnerable to either bug. \n The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n The release of \"Router IP Console\" correcting the behavior outlined\n in OUSPG#0100 is 3.3.0.407 and is already available on our site. \n Also, we will notify all our customers about this new release no\n later than March 5, 2002. \n\nJuniper Networks\n\n This is in reference to your notification regarding CAN-2002-0012\n and CAN-2002-0013. Juniper Networks has reproduced this behavior\n and coded a software fix. The fix will be included in all releases\n of JUNOS Internet software built after January 5, 2002. Customers\n with current support contracts can download new software with the\n fix from Juniper\u0027s web site at www.juniper.net. \n Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n only be reproduced in JUNOS Internet software if certain tracing\n options are enabled. These options are generally not enabled in\n production routers. \n\nLantronix, Inc. \n\n Lantronix is committed to resolving security issues with our\n products. The SNMP security bug you reported has been fixed in LRS\n firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n Lotus Software evaluated the Lotus Domino Server for\n vulnerabilities using the test suite materials provided by OUSPG. \n This problem does not affect default installations of the Domino\n Server. However, SNMP agents can be installed from the CD to\n provide SNMP services for the Domino Server (these are located in\n the /apps/sysmgmt/agents directory). The optional platform\n specific master and encapsulator agents included with the Lotus\n Domino SNMP Agents for HP-UX and Solaris have been found to be\n vulnerable. For those platforms, customers should upgrade to\n version R5.0.1 a of the Lotus Domino SNMP Agents, available for\n download from the Lotus Knowledge Base on the IBM Support Web Site\n (http://www.ibm.com/software/lotus/support/). Please refer to\n Document #191059, \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n The products from LOGEC Systems are exposed to SNMP only via HP\n OpenView. We do not have an implementation of SNMP ourselves. As\n such, there is nothing in our products that would be an issue with\n this alert. \n\nLucent\n\n Lucent is aware of reports that there is a vulnerability in certain\n implementations of the SNMP (Simple Network Management Protocol)\n code that is used in data switches and other hardware throughout\n the telecom industry. \n As soon as we were notified by CERT, we began assessing our product\n portfolio and notifying customers with products that might be\n affected. \n Our 5ESS switch and most of our optical portfolio were not\n affected. Our core and edge ATM switches and most of our edge\n access products are affected, but we have developed, tested, and\n deployed fixes for many of those products to our customers. \n We consider the security and reliability of our customers\u0027 networks\n to be one of our critical measures of success. We take every\n reasonable measure to ensure their satisfaction. \n In addition, we are working with customers on ways to further\n enhance the security they have in place today. \n\nMarconi\n\n Marconi supplies a broad range of telecommunications and related\n products, some of which are affected by the SNMP vulnerabilities\n identified here. Those\n Marconi customers with support entitlement may contact the\n appropriate Technical Assistance Center (TAC) for additional\n information. Those not under support entitlement may contact their\n sales representative. \n\nMicrosoft Corporation\n\n The Microsoft Security Reponse [sic] Center has investigated this\n issue, and provides the following information. The SNMP v1 service is not installed or running by\n default on any version of Windows. A patch is underway to eliminate\n the vulnerability. In the meantime, we recommend that affected\n customers disable the SNMP v1 service. \n\n Details:\n An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. \n It is not installed or running by default on any of these\n platforms. An SNMP v1 is NOT provided for Windows ME. However, it\n is possible that Windows 98 machines which had the service\n installed and were upgraded would still have the service. Since\n SNMP is not supported for WinME, customers in this situation are\n urged to remove the SNMP service. \n An SNMP v1 service is available on Windows NT 4.0 (including\n Terminal Server Edition) and Windows 2000 but is not installed or\n running by default on any of these platforms.Windows XP does not\n ship with an SNMP v1 service. \n\n Remediation:\n A patch is underway for the affected platforms, and will be\n released shortly. In the meantime, Microsoft recommends that\n customers who have the SNMP v1 service running disable it to\n protect their systems. Following are instruction for doing this:\n\n Windows 95, 98 and 98SE:\n 1. In Control Panel, double-click Network. \n 2. On the Configuration tab, select Microsoft SNMP Agent from the\n list of installed components. \n 3. Click Remove\n\n Check the following keys and confirm that snmp.exe is not listed. \n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n vices\n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n For Windows XP:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n \n For Windows NT 4.0 (including Terminal Server Edition):\n 1. Select Start, then Settings. \n 2. Select Control Panel, then click on the Services Icon\n 3. Locate SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close Control Panel\n\n Windows 2000:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n\nMultinet\n\n MultiNet and TCPware customers should contact Process Software to\n check for the availability of patches for this issue. A couple of\n minor problems were found and fixed, but there is no security risk\n related to the SNMP code included with either product. \n\nNetaphor\n\n NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,\n two Java based products that may be affected by the SNMP\n vulnerabilities identified here. The manner in which they are\n affected and the actions required (if any) to avoid being impacted\n by exploitation of these vulnerabilities, may be obtained by\n contacting Netaphor via email at info@netaphor.com Customers with\n annual support may contact support@netaphor.com directly. Those not\n under support entitlement may contact Netaphor sales:\n sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n do provide optional packages which provide various support for\n SNMP. These packages are not installed by default, nor are they\n currently provided as an install option by the operating system\n installation tools. A system administrator/end-user has to manually\n install this with our package management tools. These SNMP packages\n include:\n + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for\n netsaint)\n + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP\n library\n + p5-SNMP_Session-0.83 (perl5 module providing rudimentary\n access to remote SNMP agents)\n + ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.1.2)\n + ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.2.1)\n\n We do provide a software monitoring mechanism called\n \u0027audit-packages\u0027, which allows us to highlight if a package with a\n range of versions has a potential vulnerability, and recommends\n that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n Netscape continues to be committed to maintaining a high level of\n quality in our software and service offerings. Part of this\n commitment includes prompt response to security issues discovered\n by organizations such as the CERT Coordination Center. \n According to a recent CERT/CC advisory, The Oulu University Secure\n Programming Group (OUSPG) has reported numerous vulnerabilities in\n multiple vendor SNMPv1 implementations. \n We have carefully examined the reported findings, performing the\n tests suggested by the OUSPG to determine whether Netscape server\n products were subject to these vulnerabilities. It was determined\n that several products fell into this category. As a result, we have\n created fixes which will resolve the issues, and these fixes will\n appear in future releases of our product line. To Netscape\u0027s\n knowledge, there are no known instances of these vulnerabilities\n being exploited and no customers have been affected to date. \n When such security warnings are issued, Netscape has committed to -\n and will continue to commit to - resolving these issues in a prompt\n and timely fashion, ensuring that our customers receive products of\n the highest quality and security. \n\nNET-SNMP\n\n All ucd-snmp version prior to 4.2.2 are susceptible to this\n vulnerability and users of versions prior to version 4.2.2 are\n encouraged to upgrade their software as soon as possible\n (http://www.net-snmp.org/download/). Version 4.2.2 and higher are\n not susceptible. \n\nNetwork Associates\n\n PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n Network Computing Technologies has reviewed the information\n regarding SNMP vulnerabilities and is currently investigating the\n impact to our products. \n\nNokia\n\n This vulnerability is known to affect IPSO versions 3.1.3, 3.3,\n 3.3.1, 3.4, and 3.4.1. Patches are currently available for\n versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia\n website. In addition, version 3.4.2 shipped with the patch\n incorporated, and the necessary fix will be included in all future\n releases of IPSO. \n We recommend customers install the patch immediately or follow the\n recommended precautions below to avoid any potential exploit. \n If you are not using SNMP services, including Traps, simply disable\n the SNMP daemon to completely eliminate the potential\n vulnerability. \n If you are using only SNMP Traps and running Check Point\n FireWall-1, create a firewall policy to disallow incoming SNMP\n messages on all appropriate interfaces. Traps will continue to work\n normally. \n\nNortel Networks\n\n The CERT Coordination Center has issued a broad based alert to the\n technology industry, including Nortel Networks, regarding potential\n security vulnerabilities identified in the Simple Network\n Management Protocol (SNMP), a common networking standard. The\n company is working with CERT and other network equipment\n manufacturers, the U.S. Government, service providers, and software\n suppliers to assess and address this issue. \n\nNovell\n\n Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on\n NetWare are fixed and will be available through NetWare 6 Support\n Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n http://support.novell.com/tools/csp/\n\nOpenBSD\n\n OpenBSD does not ship SNMP code. \n\nQualcomm\n\n WorldMail does not support SNMP by default, so customers who run\n unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n Redback Networks, Inc. has identified that the vulnerability in\n question affects certain versions of AOS software on the SMS 500,\n SMS 1800, and SMS 10000 platforms, and is taking the appropriate\n steps necessary to correct the issue. \n\nRed Hat\n\n RedHat has released a security advisiory [sic] at\n http://www.redhat.com/support/errata/RHSA-2001-163.html\n with updated versions of the ucd-snmp package for all supported\n releases and architectures. For more information or to download the\n update please visit this page. \n\nSGI\n\n SGI acknowledges the SNMP vulnerabilities reported by CERT and is\n currently investigating. No further information is available at\n this time. \n For the protection of all our customers, SGI does not disclose,\n discuss or confirm vulnerabilities until a full investigation has\n occurred and any necessary patch(es) or release streams are\n available for all vulnerable and supported IRIX operating systems. \n Until SGI has more definitive information to provide, customers are\n encouraged to assume all security vulnerabilities as exploitable\n and take appropriate steps according to local site security\n policies and requirements. As further information becomes\n available, additional advisories will be issued via the normal SGI\n security information distribution methods including the wiretap\n mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n SNMP Research has made the following vendor statement. They are\n likely to revise and expand the statement as the date for the\n public vulnerability announcement draws nearer. Users maintaining\n earlier releases should update to the current release if they have\n not already done so. Up-to-date information is available from\n support@snmp.com. Other Stonesoft\u0027s products are\n still under investigation. As further information becomes\n available, additional advisories will be available at\n http://www.stonesoft.com/support/techcenter/\n\nSun Microsystems, Inc. \n\n Sun\u0027s SNMP product, Solstice Enterprise Agents (SEA), described\n here:\n http://www.sun.com/solstice/products/ent.agents/\n is affected by VU#854306 but not VU#107186. More specifically the\n main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n Sun is currently generating patches for this issue and will be\n releasing a Sun Security Bulletin once the patches are available. \n The bulletin will be available from:\n http://sunsolve.sun.com/security. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n Symantec Corporation has investigated the SNMP issues identified by\n the OUSPG test suite and determined that Symantec products are not\n susceptable [sic] to these issues. \n\nTANDBERG\n\n Tandberg have run all the testcases found the PROTOS test-suie\n [sic], c06snmpv1:\n 1. c06-snmpv1-trap-enc-pr1.jar\n 2. c06-snmpv1-treq-app-pr1.jar\n 3. c06-snmpv1-trap-enc-pr1.jar\n 4. c06-snmpv1-req-app-pr1.jar\n The tests were run with standard delay time between the requests\n (100ms), but also with a delay of 1ms. The tests applies to all\n TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The\n software tested on these products were B4.0 (our latest software)\n and no problems were found when running the test suite. \n\nAppendix B. - References\n 1. http://www.ee.oulu.fi/research/ouspg/protos/\n 2. http://www.kb.cert.org/vuls/id/854306\n 3. http://www.kb.cert.org/vuls/id/107186\n 4. http://www.cert.org/tech_tips/denial_of_service.html\n 5. http://www.ietf.org/rfc/rfc1067.txt\n 6. http://www.ietf.org/rfc/rfc1089.txt\n 7. http://www.ietf.org/rfc/rfc1140.txt\n 8. http://www.ietf.org/rfc/rfc1155.txt\n 9. http://www.ietf.org/rfc/rfc1156.txt\n 10. http://www.ietf.org/rfc/rfc1215.txt\n 11. http://www.ietf.org/rfc/rfc1270.txt\n 12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n Background Information on the OUSPG\n\n OUSPG is an academic research group located at Oulu University in\n Finland. The purpose of this research group is to test software\n for vulnerabilities. \n History has shown that the techniques used by the OUSPG have\n discovered a large number of previously undetected problems in the\n products and protocols they have tested. In 2001, the OUSPG\n produced a comprehensive test suite for evaluating implementations\n of the Lightweight Directory Access Protocol (LDAP). This test\n suite was developed with the strategy of abusing the protocol in\n unsupported and unexpected ways, and it was very effective in\n uncovering a wide variety of vulnerabilities across several\n products. This approach can reveal vulnerabilities that would not\n manifest themselves under normal conditions. \n After completing its work on LDAP, OUSPG moved its focus to\n SNMPv1. As with LDAP, they designed a custom test suite, began\n testing a selection of products, and found a number of\n vulnerabilities. Because OUSPG\u0027s work on LDAP was similar in\n procedure to its current work on SNMP, you may wish to review the\n LDAP Test Suite and CERT Advisory CA-2001-18, which outlined\n results of application of the test suite. \n In order to test the security of protocols like SNMPv1, the PROTOS\n project presents a server with a wide variety of sample packets\n containing unexpected values or illegally formatted data. As a\n member of the PROTOS project consortium, the OUSPG used the PROTOS\n c06-snmpv1 test suite to study several implementations of the\n SNMPv1 protocol. \n\n Background Information on the Simple Network Management Protocol\n \n The Simple Network Management Protocol (SNMP) is the most popular\n protocol in use to manage networked devices. SNMP was designed in\n the late 80\u0027s to facilitate the exchange of management information\n between networked devices, operating at the application layer of\n the ISO/OSI model. The SNMP protocol enables network and system\n administrators to remotely monitor and configure devices on the\n network (devices such as switches and routers). Software and\n firmware products designed for networks often make use of the SNMP\n protocol. SNMP runs on a multitude of devices and operating\n systems, including, but not limited to,\n + Core Network Devices (Routers, Switches, Hubs, Bridges, and\n Wireless Network Access Points)\n + Operating Systems\n + Consumer Broadband Network Devices (Cable Modems and DSL\n Modems)\n + Consumer Electronic Devices (Cameras and Image Scanners)\n + Networked Office Equipment (Printers, Copiers, and FAX\n Machines)\n + Network and Systems Management/Diagnostic Frameworks (Network\n Sniffers and Network Analyzers)\n + Uninterruptible Power Supplies (UPS)\n + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n + Manufacturing and Processing Equipment\n The SNMP protocol is formally defined in RFC1157. Quoting from\n that RFC:\n\n Implicit in the SNMP architectural model is a collection\n of network management stations and network elements. \n Network management stations execute management\n applications which monitor and control network elements. \n Network elements are devices such as hosts, gateways,\n terminal servers, and the like, which have management\n agents responsible for performing the network management\n functions requested by the network management stations. \n The Simple Network Management Protocol (SNMP) is used to\n communicate management information between the network\n management stations and the agents in the network\n elements. \n\n Additionally, SNMP is discussed in a number of other RFC\n documents:\n + RFC 3000 Internet Official Protocol Standards\n + RFC 1212 Concise MIB Definitions\n + RFC 1213 Management Information Base for Network Management\n of TCP/IP-based Internets: MIB-II\n + RFC 1215 A Convention for Defining Traps for use with the\n SNMP\n + RFC 1270 SNMP Communications Services\n + RFC 2570 Introduction to Version 3 of the Internet-standard\n Network Management Framework\n + RFC 2571 An Architecture for Describing SNMP Management\n Frameworks\n + RFC 2572 Message Processing and Dispatching for the Simple\n Network Management Protocol (SNMP)\n + RFC 2573 SNMP Applications\n + RFC 2574 User-based Security Model (USM) for version 3 of the\n Simple Network Management Protocol (SNMPv3)\n + RFC 2575 View-based Access Control Model (VACM) for the\n Simple Network Management Protocol (SNMP)\n + RFC 2576 Coexistence between Version 1, Version 2, and\n Version 3 of the Internet-standard Network Management\n Framework\n _____________________________________________________________\n\n The CERT Coordination Center thanks the Oulu University Secure\n Programming Group for reporting these vulnerabilities to us, for\n providing detailed technical analyses, and for assisting us in\n preparing this advisory. We also thank Steven M. Bellovin (AT\u0026T\n Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n Rob Thomas, Blue Boar (Thievco), and the many others who\n contributed to this document. \n _____________________________________________________________\n\n Feedback on this document can be directed to the authors, Ian A. \n Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n Householder, Marty Lindner, and Art Manion. \n __________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-03.html\n __________________________________________________________________\n\n CERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n \n Using encryption\n We strongly urge you to encrypt sensitive information sent by\n email. Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n If you prefer to use DES, please call the CERT hotline for more\n information. \n \n Getting security information\n CERT publications and other security information are available\n from our web site\n http://www.cert.org/\n To subscribe to the CERT mailing list for advisories and\n bulletins, send email to majordomo@cert.org. Please include in the\n body of your message\n \n subscribe cert-advisory\n \n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n __________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the\n Software Engineering Institute is furnished on an \"as is\" basis. \n Carnegie Mellon University makes no warranties of any kind, either\n expressed or implied as to any matter including, but not limited\n to, warranty of fitness for a particular purpose or\n merchantability, exclusivity or results obtained from use of the\n material. Carnegie Mellon University does not make any warranty of\n any kind with respect to freedom from patent, trademark, or\n copyright infringement. \n _____________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4089",
"trust": 2.7
},
{
"db": "BID",
"id": "4132",
"trust": 1.9
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "NVD",
"id": "CVE-1999-1570",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 0.9
},
{
"db": "BID",
"id": "4088",
"trust": 0.8
},
{
"db": "VULN-DEV",
"id": "20020509 SAR -O EXPLOITATION PROCESS INFO.",
"trust": 0.6
},
{
"db": "XF",
"id": "8989",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "19990909 19 SCO 5.0.5+SKUNWARE98 BUFFER OVERFLOWS",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2002-SCO.17",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "25758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"id": "VAR-200205-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42828385666666663
},
"last_update_date": "2023-12-18T12:47:42.364000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1570"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.7,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.17/cssa-2002-sco.17.txt"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"trust": 1.6,
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 0.7,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f43365"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f46343"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1352.txt"
},
{
"trust": 0.1,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/snmp_faq.html"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/ric/)"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 0.1,
"url": "https://www.juniper.net."
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt/."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1067.txt"
},
{
"trust": 0.1,
"url": "https://www.dartware.com)"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1140.txt"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://www.sun.com/solstice/products/ent.agents/"
},
{
"trust": 0.1,
"url": "http://stage.caldera.com/support/security"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/)"
},
{
"trust": 0.1,
"url": "http://www.net-snmp.org/download/)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.ibm.com/software/lotus/support/)."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1156.txt"
},
{
"trust": 0.1,
"url": "http://support.novell.com/tools/csp/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/cpe/patches/"
},
{
"trust": 0.1,
"url": "https://www.covalent.net"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/mibscout/)"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/security."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1155.txt"
},
{
"trust": 0.1,
"url": "http://www.stonesoft.com/support/techcenter/"
},
{
"trust": 0.1,
"url": "http://www.sgi.com/support/security/."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1089.txt"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2002-02-12T22:54:19",
"db": "PACKETSTORM",
"id": "25758"
},
{
"date": "2002-05-01T04:00:00",
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"date": "2002-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2016-10-18T02:06:04.880000",
"db": "NVD",
"id": "CVE-1999-1570"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "4089"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-001"
}
],
"trust": 0.9
}
}
VAR-200203-0024
Vulnerability from variot - Updated: 2023-12-18 12:47Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Cisco products contain multiple vulnerabilities in handling of SNMP requests and traps. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
Original release date: February 12, 2002 Last revised: -- Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.
In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Many other systems making use of SNMP may also be vulnerable but were not specifically tested.
In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html
I. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C
OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. SNMP managers must properly decode trap messages and process the resulting data. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.
Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.
These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.
II. Specific impacts will vary from product to product.
III. Solution
Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.
Disable the SNMP service
As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.
Ingress filtering
As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.
snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages
The following services are less common, but may be used on some affected products
snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port
As noted above, you should carefully consider the impact of blocking services that you may be using.
It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)
Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.
Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)
snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249
Please note that this workaround may not protect vulnerable devices from internal attacks.
Filter SNMP traffic from non-authorized internal hosts
In many networks, only a limited number of network management systems need to originate SNMP request messages. Therefore, it may be possible to configure the SNMP agent systems (or the network devices in between the management and agent systems) to disallow request messages from non-authorized systems. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.
Change default community strings
Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.
Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.
Segregate SNMP traffic onto a separate management network
In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.
Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.
Note that these solutions may require extensive changes to a site's network architecture.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.
Disable stack execution
Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:
set noexec_user_stack = 1 set noexec_user_stack_log = 1
Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.
Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.
Share tools and techniques
Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.
You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type
subscribe snmp-forum
After you receive the confirmation message, follow the instructions in the message to complete the subscription process.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.
AdventNet
This is in reference to your notification regarding [VU#107186 and
VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this
behavior in their products and coded a Service Pack fix which is
currently in regression testing in AdventNet Inc.'s Q.A.
organization. The release of AdventNet Inc's. Service Pack
correcting the behavior outlined in VU#617947, and OUSPG#0100 is
scheduled to be generally available to all of AdventNet Inc.'s
customers by February 20, 2002.
Avaya
Avaya Inc.
CacheFlow
The purpose of this email is to advise you that CacheFlow Inc. has
provided a software update. Please be advised that updated versions
of the software are now available for all supported CacheFlow
hardware platforms, and may be obtained by CacheFlow customers at
the following URL:
http://download.cacheflow.com/
The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.
RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm
RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm
* SR 1-1647517, VI 13045: This update modified a potential
vulnerability by using an SNMP test tools exploit.
3Com Corporation
A vulnerability to an SNMP packet with an invalid length community
string has been resolved in the following products. Customers
concerned about this weakness should ensure that they upgrade to
the following agent versions:
PS Hub 40
2.16 is due Feb 2002
PS Hub 50
2.16 is due Feb 2002
Dual Speed Hub
2.16 is due Jan 2002
Switch 1100/3300
2.68 is available now
Switch 4400
2.02 is available now
Switch 4900
2.04 is available now
WebCache1000/3000
2.00 is due Jan 2002
Caldera
Caldera International, Inc. has reproduced faulty behavior in
Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
8. We have coded a software fix for supported versions of Caldera
UnixWare 7 and Caldera Open UNIX 8 that will be available from
our support site at http://stage.caldera.com/support/security
immediately following the publication of this CERT announcement. A
fix for supported versions of OpenServer 5 will be available at a
later date.
Cisco Systems
Cisco Systems is addressing the vulnerabilities identified by
VU#854306 and VU#107186 across its entire product line. Cisco will
publish a security advisory with further details at
http://www.cisco.com/go/psirt/.
Compaq Computer Corporation
x-ref: SSRT0779U SNMP
At the time of writing this document, COMPAQ continues to evaluate
this potential problem and when new versions of SNMP are available,
COMPAQ will implement solutions based on the new code. Compaq will
provide notice of any new patches as a result of that effort
through standard patch notification procedures and be available
from your normal Compaq Services support channel.
Computer Associates
Computer Associates has confirmed Unicenter vulnerability to the
SNMP advisory identified by CERT notification reference [VU#107186
& VU#854306] and OUSPG#0100. We have produced corrective
maintenance to address these vulnerabilities, which is in the
process of publication for all applicable releases / platforms and
will be offered through the CA Support site. Please contact our
Technical Support organization for information regarding
availability / applicability for your specific configuration(s).
COMTEK Services, Inc.
NMServer for AS/400 is not an SNMP master and is therefore not
vulnerable. However this product requires the use of the AS/400
SNMP master agent supplied by IBM.
NMServer for OpenVMS has been tested and has shown to be
vulnerable. COMTEK Services is preparing a new release of this
product (version 3.5) which will contain a fix for this problem.
This new release is scheduled to be available in February 2002.
Contact COMTEK Services for further information.
NMServer for VOS has not as yet been tested; vulnerability of this
agent is unknown. Contact for further information on the testing
schedule of the VOS product.
Covalent Technologies
Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
and Conductor SNMP module are not vulnerable according to testing
performed in accordance with CERT recommendations. Security
information for Covalent products can be found at www.covalent.net
Dartware, LLC
Dartware, LLC (www.dartware.com) supplies two products that use
SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present
and past versions of these two software packages.
DMH Software
DMH Software is in the process of evaluating and attempting to
reproduce this behavior.
It is unclear at this point if our snmp-agent is sensitive to the
tests described above.
If any problems will be discovered, DMH Software will code a
software fix.
The release of DMH Software OS correcting the behavior outlined in
VU#854306, VU#107186, and OUSPG#0100 will be generally available to
all of DMH Software's customers as soon as possible.
EnGarde Secure Linux
EnGarde Secure Linux did not ship any SNMP packages in version
1.0.1 of our distribution, so we are not vulnerable to either bug.
FreeBSD
FreeBSD does not include any SNMP software by default, and so is
not vulnerable. However, the FreeBSD Ports Collection contains the
UCD-SNMP / NET-SNMP package. Package versions prior to
ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release
will ship the corrected version of the UCD-SNMP / NET-SNMP
package. In addition, the corrected version of the packages is
available from the FreeBSD mirrors.
FreeBSD has issued the following FreeBSD Security Advisory
regarding the UCD-SNMP / NET-SNMP package:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.
snmp.asc.
Hewlett-Packard Company
SUMMARY - known vulnerable:
========================================
hp procurve switch 2524
NNM (Network Node Manager)
JetDirect Firmware (Older versions only)
HP-UX Systems running snmpd or OPENVIEW
MC/ServiceGuard
EMS
Still under investigation:
SNMP/iX (MPE/iX)
========================================
_________________________________________________________
---------------------------------------------------------
hp procurve switch 2524
---------------------------------------------------------
hp procurve switch 2525 (product J4813A) is vulnerable to some
issues, patches in process. Watch for the associated HP
Security Bulletin.
---------------------------------------------------------
NNM (Network Node Manager)
---------------------------------------------------------
Some problems were found in NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
---------------------------------------------------------
JetDirect Firmware (Older versions only)
---------------------------------------------------------
ONLY some older versions of JetDirect Firmware are
vulnerable to some of the issues. The older firmware
can be upgraded in most cases, see list below.
JetDirect Firmware Version State
========================== =====
X.08.32 and higher NOT Vulnerable
X.21.00 and higher NOT Vulnerable
JetDirect Product Numbers that can be freely
upgraded to X.08.32 or X.21.00 or higher firmware.
EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
J3110A 10T
J3111A 10T/10B2/LocalTalk
J3112A Token Ring (discontinued)
J3113A 10/100 (discontinued)
J4169A 10/100
J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
J2550A/B 10T (discontinued)
J2552A/B 10T/10Base2/LocalTalk (discontinued)
J2555A/B Token Ring (discontinued)
J4100A 10/100
J4105A Token Ring
J4106A 10T
External Print Servers
J2591A EX+ (discontinued)
J2593A EX+3 10T/10B2 (discontinued)
J2594A EX+3 Token Ring (discontinued)
J3263A 300X 10/100
J3264A 500X Token Ring
J3265A 500X 10/100
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated
Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
================================================================
NOTE: The patches are labeled OV(Open View). However, the patches
are also applicable to systems that are not running Open View.
=================================================================
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is
vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing
their
entries from /etc/services and removing the execute permissions
from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
----------------------------------------------------------------
Investigation completed, systems vulnerable.
----------------------------------------------------------------
MC/ServiceGuard
Event Monitoring System (EMS)
----------------------------------------------------------------
Still under investigation:
----------------------------------------------------------------
SNMP/iX (MPE/iX)
Hirschmann Electronics GmbH & Co. KG
Hirschmann Electronics GmbH & Co. KG supplies a broad range of
networking products, some of which are affected by the SNMP
vulnerabilities identified by CERT Coordination Center. The manner
in which they are affected and the actions required to avoid being
impacted by exploitation of these vulnerabilities, vary from
product to product. Hirschmann customers may contact our Competence
Center (phone +49-7127-14-1538, email:
ans-support@nt.hirschmann.de) for additional information,
especially regarding availability of latest firmware releases
addressing the SNMP vulnerabilities.
IBM Corporation
Based upon the results of running the test suites we have
determined that our version of SNMP shipped with AIX is NOT
vulnerable.
Innerdive Solutions, LLC
Innerdive Solutions, LLC has two SNMP based products:
1. The "SNMP MIB Scout"
(http://www.innerdive.com/products/mibscout/)
2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
The "SNMP MIB Scout" is not vulnerable to either bug.
The "Router IP Console" releases prior to 3.3.0.407 are vulnerable.
The release of "Router IP Console" correcting the behavior outlined
in OUSPG#0100 is 3.3.0.407 and is already available on our site.
Also, we will notify all our customers about this new release no
later than March 5, 2002.
Juniper Networks
This is in reference to your notification regarding CAN-2002-0012
and CAN-2002-0013. Juniper Networks has reproduced this behavior
and coded a software fix. The fix will be included in all releases
of JUNOS Internet software built after January 5, 2002. Customers
with current support contracts can download new software with the
fix from Juniper's web site at www.juniper.net.
Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
only be reproduced in JUNOS Internet software if certain tracing
options are enabled. These options are generally not enabled in
production routers.
Lantronix, Inc.
Lantronix is committed to resolving security issues with our
products. The SNMP security bug you reported has been fixed in LRS
firmware version B1.3/611(020123).
Lotus Development Corporation
Lotus Software evaluated the Lotus Domino Server for
vulnerabilities using the test suite materials provided by OUSPG.
This problem does not affect default installations of the Domino
Server. However, SNMP agents can be installed from the CD to
provide SNMP services for the Domino Server (these are located in
the /apps/sysmgmt/agents directory). The optional platform
specific master and encapsulator agents included with the Lotus
Domino SNMP Agents for HP-UX and Solaris have been found to be
vulnerable. For those platforms, customers should upgrade to
version R5.0.1 a of the Lotus Domino SNMP Agents, available for
download from the Lotus Knowledge Base on the IBM Support Web Site
(http://www.ibm.com/software/lotus/support/). Please refer to
Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in the
Lotus Knowledge Base, for more details.
LOGEC Systems Inc
The products from LOGEC Systems are exposed to SNMP only via HP
OpenView. We do not have an implementation of SNMP ourselves. As
such, there is nothing in our products that would be an issue with
this alert.
Lucent
Lucent is aware of reports that there is a vulnerability in certain
implementations of the SNMP (Simple Network Management Protocol)
code that is used in data switches and other hardware throughout
the telecom industry.
As soon as we were notified by CERT, we began assessing our product
portfolio and notifying customers with products that might be
affected.
Our 5ESS switch and most of our optical portfolio were not
affected. Our core and edge ATM switches and most of our edge
access products are affected, but we have developed, tested, and
deployed fixes for many of those products to our customers. Fixes
for the rest of the affected product portfolio will be available
shortly.
We consider the security and reliability of our customers' networks
to be one of our critical measures of success. We take every
reasonable measure to ensure their satisfaction.
In addition, we are working with customers on ways to further
enhance the security they have in place today.
Marconi
Marconi supplies a broad range of telecommunications and related
products, some of which are affected by the SNMP vulnerabilities
identified here. The manner in which they are affected and the
actions required (if any) to avoid being impacted by exploitation
of these vulnerabilities, vary from product to product. Those
Marconi customers with support entitlement may contact the
appropriate Technical Assistance Center (TAC) for additional
information. Those not under support entitlement may contact their
sales representative.
Microsoft Corporation
The Microsoft Security Reponse [sic] Center has investigated this
issue, and provides the following information.
Summary:
All Microsoft implementations of SNMP v1 are affected by the
vulnerability. The SNMP v1 service is not installed or running by
default on any version of Windows. A patch is underway to eliminate
the vulnerability. In the meantime, we recommend that affected
customers disable the SNMP v1 service.
Details:
An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE.
It is not installed or running by default on any of these
platforms. An SNMP v1 is NOT provided for Windows ME. However, it
is possible that Windows 98 machines which had the service
installed and were upgraded would still have the service. Since
SNMP is not supported for WinME, customers in this situation are
urged to remove the SNMP service.
An SNMP v1 service is available on Windows NT 4.0 (including
Terminal Server Edition) and Windows 2000 but is not installed or
running by default on any of these platforms.Windows XP does not
ship with an SNMP v1 service.
Remediation:
A patch is underway for the affected platforms, and will be
released shortly. In the meantime, Microsoft recommends that
customers who have the SNMP v1 service running disable it to
protect their systems. Following are instruction for doing this:
Windows 95, 98 and 98SE:
1. In Control Panel, double-click Network.
2. On the Configuration tab, select Microsoft SNMP Agent from the
list of installed components.
3. Click Remove
Check the following keys and confirm that snmp.exe is not listed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
vices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
For Windows XP:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
For Windows NT 4.0 (including Terminal Server Edition):
1. Select Start, then Settings.
2. Select Control Panel, then click on the Services Icon
3. Locate SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close Control Panel
Windows 2000:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
Multinet
MultiNet and TCPware customers should contact Process Software to
check for the availability of patches for this issue. A couple of
minor problems were found and fixed, but there is no security risk
related to the SNMP code included with either product.
Netaphor
NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,
two Java based products that may be affected by the SNMP
vulnerabilities identified here. The manner in which they are
affected and the actions required (if any) to avoid being impacted
by exploitation of these vulnerabilities, may be obtained by
contacting Netaphor via email at info@netaphor.com Customers with
annual support may contact support@netaphor.com directly. Those not
under support entitlement may contact Netaphor sales:
sales@netaphor.com or (949) 470 7955 in USA.
NetBSD
NetBSD does not ship with any SNMP tools in our 'base' releases. We
do provide optional packages which provide various support for
SNMP. These packages are not installed by default, nor are they
currently provided as an install option by the operating system
installation tools. A system administrator/end-user has to manually
install this with our package management tools. These SNMP packages
include:
+ netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for
netsaint)
+ p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
+ p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP
library
+ p5-SNMP_Session-0.83 (perl5 module providing rudimentary
access to remote SNMP agents)
+ ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.1.2)
+ ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called
'audit-packages', which allows us to highlight if a package with a
range of versions has a potential vulnerability, and recommends
that the end-user upgrade the packages in question.
Netscape Communications Corporation
Netscape continues to be committed to maintaining a high level of
quality in our software and service offerings. Part of this
commitment includes prompt response to security issues discovered
by organizations such as the CERT Coordination Center.
According to a recent CERT/CC advisory, The Oulu University Secure
Programming Group (OUSPG) has reported numerous vulnerabilities in
multiple vendor SNMPv1 implementations.
We have carefully examined the reported findings, performing the
tests suggested by the OUSPG to determine whether Netscape server
products were subject to these vulnerabilities. It was determined
that several products fell into this category. As a result, we have
created fixes which will resolve the issues, and these fixes will
appear in future releases of our product line. To Netscape's
knowledge, there are no known instances of these vulnerabilities
being exploited and no customers have been affected to date.
When such security warnings are issued, Netscape has committed to -
and will continue to commit to - resolving these issues in a prompt
and timely fashion, ensuring that our customers receive products of
the highest quality and security.
NET-SNMP
All ucd-snmp version prior to 4.2.2 are susceptible to this
vulnerability and users of versions prior to version 4.2.2 are
encouraged to upgrade their software as soon as possible
(http://www.net-snmp.org/download/). Version 4.2.2 and higher are
not susceptible.
Network Associates
PGP is not affected, impacted, or otherwise related to this VU#.
Network Computing Technologies
Network Computing Technologies has reviewed the information
regarding SNMP vulnerabilities and is currently investigating the
impact to our products.
Nokia
This vulnerability is known to affect IPSO versions 3.1.3, 3.3,
3.3.1, 3.4, and 3.4.1. Patches are currently available for
versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia
website. In addition, version 3.4.2 shipped with the patch
incorporated, and the necessary fix will be included in all future
releases of IPSO.
We recommend customers install the patch immediately or follow the
recommended precautions below to avoid any potential exploit.
If you are not using SNMP services, including Traps, simply disable
the SNMP daemon to completely eliminate the potential
vulnerability.
If you are using only SNMP Traps and running Check Point
FireWall-1, create a firewall policy to disallow incoming SNMP
messages on all appropriate interfaces. Traps will continue to work
normally.
Nortel Networks
The CERT Coordination Center has issued a broad based alert to the
technology industry, including Nortel Networks, regarding potential
security vulnerabilities identified in the Simple Network
Management Protocol (SNMP), a common networking standard. The
company is working with CERT and other network equipment
manufacturers, the U.S. Government, service providers, and software
suppliers to assess and address this issue.
Novell
Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on
NetWare are fixed and will be available through NetWare 6 Support
Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
http://support.novell.com/tools/csp/
OpenBSD
OpenBSD does not ship SNMP code.
Qualcomm
WorldMail does not support SNMP by default, so customers who run
unmodified installations are not vulnerable.
Redback Networks, Inc.
Redback Networks, Inc. has identified that the vulnerability in
question affects certain versions of AOS software on the SMS 500,
SMS 1800, and SMS 10000 platforms, and is taking the appropriate
steps necessary to correct the issue.
Red Hat
RedHat has released a security advisiory [sic] at
http://www.redhat.com/support/errata/RHSA-2001-163.html
with updated versions of the ucd-snmp package for all supported
releases and architectures. For more information or to download the
update please visit this page.
SGI
SGI acknowledges the SNMP vulnerabilities reported by CERT and is
currently investigating.
For the protection of all our customers, SGI does not disclose,
discuss or confirm vulnerabilities until a full investigation has
occurred and any necessary patch(es) or release streams are
available for all vulnerable and supported IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable
and take appropriate steps according to local site security
policies and requirements. As further information becomes
available, additional advisories will be issued via the normal SGI
security information distribution methods including the wiretap
mailing list on http://www.sgi.com/support/security/.
SNMP Research International
SNMP Research has made the following vendor statement. They are
likely to revise and expand the statement as the date for the
public vulnerability announcement draws nearer. Users maintaining
earlier releases should update to the current release if they have
not already done so. Other Stonesoft's products are
still under investigation. As further information becomes
available, additional advisories will be available at
http://www.stonesoft.com/support/techcenter/
Sun Microsystems, Inc.
Sun's SNMP product, Solstice Enterprise Agents (SEA), described
here:
http://www.sun.com/solstice/products/ent.agents/
is affected by VU#854306 but not VU#107186. More specifically the
main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8.
Sun is currently generating patches for this issue and will be
releasing a Sun Security Bulletin once the patches are available.
The bulletin will be available from:
http://sunsolve.sun.com/security. Sun patches are available from:
http://sunsolve.sun.com/securitypatch.
Symantec Corporation
Symantec Corporation has investigated the SNMP issues identified by
the OUSPG test suite and determined that Symantec products are not
susceptable [sic] to these issues.
TANDBERG
Tandberg have run all the testcases found the PROTOS test-suie
[sic], c06snmpv1:
1. c06-snmpv1-trap-enc-pr1.jar
2. c06-snmpv1-treq-app-pr1.jar
3. c06-snmpv1-trap-enc-pr1.jar
4. c06-snmpv1-req-app-pr1.jar
The tests were run with standard delay time between the requests
(100ms), but also with a delay of 1ms. The tests applies to all
TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The
software tested on these products were B4.0 (our latest software)
and no problems were found when running the test suite.
Tivoli Systems
Our analysis indicates that this vulnerability does not affect the
Tivoli NetView product.
Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt
Appendix C. - Background Information
Background Information on the OUSPG
OUSPG is an academic research group located at Oulu University in
Finland. The purpose of this research group is to test software
for vulnerabilities.
History has shown that the techniques used by the OUSPG have
discovered a large number of previously undetected problems in the
products and protocols they have tested. In 2001, the OUSPG
produced a comprehensive test suite for evaluating implementations
of the Lightweight Directory Access Protocol (LDAP). This test
suite was developed with the strategy of abusing the protocol in
unsupported and unexpected ways, and it was very effective in
uncovering a wide variety of vulnerabilities across several
products. This approach can reveal vulnerabilities that would not
manifest themselves under normal conditions.
After completing its work on LDAP, OUSPG moved its focus to
SNMPv1. As with LDAP, they designed a custom test suite, began
testing a selection of products, and found a number of
vulnerabilities. Because OUSPG's work on LDAP was similar in
procedure to its current work on SNMP, you may wish to review the
LDAP Test Suite and CERT Advisory CA-2001-18, which outlined
results of application of the test suite.
In order to test the security of protocols like SNMPv1, the PROTOS
project presents a server with a wide variety of sample packets
containing unexpected values or illegally formatted data. As a
member of the PROTOS project consortium, the OUSPG used the PROTOS
c06-snmpv1 test suite to study several implementations of the
SNMPv1 protocol. Results of the test suites run against SNMP
indicate that there are many different vulnerabilities on many
different implementations of SNMP. Software and
firmware products designed for networks often make use of the SNMP
protocol. SNMP runs on a multitude of devices and operating
systems, including, but not limited to,
+ Core Network Devices (Routers, Switches, Hubs, Bridges, and
Wireless Network Access Points)
+ Operating Systems
+ Consumer Broadband Network Devices (Cable Modems and DSL
Modems)
+ Consumer Electronic Devices (Cameras and Image Scanners)
+ Networked Office Equipment (Printers, Copiers, and FAX
Machines)
+ Network and Systems Management/Diagnostic Frameworks (Network
Sniffers and Network Analyzers)
+ Uninterruptible Power Supplies (UPS)
+ Networked Medical Equipment (Imaging Units and Oscilloscopes)
+ Manufacturing and Processing Equipment
The SNMP protocol is formally defined in RFC1157. Quoting from
that RFC:
Implicit in the SNMP architectural model is a collection
of network management stations and network elements.
Network management stations execute management
applications which monitor and control network elements.
Network elements are devices such as hosts, gateways,
terminal servers, and the like, which have management
agents responsible for performing the network management
functions requested by the network management stations.
Additionally, SNMP is discussed in a number of other RFC
documents:
+ RFC 3000 Internet Official Protocol Standards
+ RFC 1212 Concise MIB Definitions
+ RFC 1213 Management Information Base for Network Management
of TCP/IP-based Internets: MIB-II
+ RFC 1215 A Convention for Defining Traps for use with the
SNMP
+ RFC 1270 SNMP Communications Services
+ RFC 2570 Introduction to Version 3 of the Internet-standard
Network Management Framework
+ RFC 2571 An Architecture for Describing SNMP Management
Frameworks
+ RFC 2572 Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)
+ RFC 2573 SNMP Applications
+ RFC 2574 User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
+ RFC 2575 View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)
+ RFC 2576 Coexistence between Version 1, Version 2, and
Version 3 of the Internet-standard Network Management
Framework
_____________________________________________________________
The CERT Coordination Center thanks the Oulu University Secure
Programming Group for reporting these vulnerabilities to us, for
providing detailed technical analyses, and for assisting us in
preparing this advisory. We also thank Steven M. Bellovin (AT&T
Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),
Rob Thomas, Blue Boar (Thievco), and the many others who
contributed to this document.
_____________________________________________________________
Feedback on this document can be directed to the authors, Ian A.
Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D.
Householder, Marty Lindner, and Art Manion.
__________________________________________________________________
This document is available from:
http://www.cert.org/advisories/CA-2002-03.html
__________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
EDT(GMT-4) Monday through Friday; they are on call for emergencies
during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by
email. Our public PGP key is available from
http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available
from our web site
http://www.cert.org/
To subscribe to the CERT mailing list for advisories and
bulletins, send email to majordomo@cert.org. Please include in the
body of your message
subscribe cert-advisory
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
__________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the
Software Engineering Institute is furnished on an "as is" basis.
Carnegie Mellon University makes no warranties of any kind, either
expressed or implied as to any matter including, but not limited
to, warranty of fitness for a particular purpose or
merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of
any kind with respect to freedom from patent, trademark, or
copyright infringement.
_____________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
February 12, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200203-0024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": "ne",
"trust": 5.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": "ne",
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "windows nt",
"scope": "eq",
"trust": 2.2,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "windows 2000",
"scope": null,
"trust": 1.4,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 98se",
"scope": null,
"trust": 1.2,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.0 xe",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 dc2",
"scope": "ne",
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "windows 95",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows 98",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows 98se",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "windows 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "ios 12.0 s6",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0 s7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 xe?",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 wc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xu",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "ios 12.1 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "windows 98",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "gold"
},
{
"model": "windows 95",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "gold"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ios 12.0 wc 2900xl-lre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "as5850",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ca1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "netranger sensor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "as5200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7750"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "ios 12.0 wt6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1"
},
{
"model": "traffic director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ios 12.1 e5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ya2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5300",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "cbos b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 11.1 cc4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 aa4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "39203.0(7)"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7100"
},
{
"model": "cva120",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst native mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "ios 12.1 ea1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1005"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.015"
},
{
"model": "ios 12.2 mx1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10700"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "distributed director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2501"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "ios 12.1 yi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "ios 12.1 ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232"
},
{
"model": "ios 12.1 ec",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "ios 11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7010"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst hybrid mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios 12.0 wc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "snmpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "ios 12.0 st5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ios 12.0 sl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 db2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "ios 12.1 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ios 12.0 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "catalyst msm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nsp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ios 12.0 wx5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "arrowpoint cs11000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "ios 11.1 ct",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr7200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ia",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 t12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 sx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.0 st",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8510csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xz7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "ios 12.1 ea1b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "as5800",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 p2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6200"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1700"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "ios 12.1 e7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "ios 12.2 t1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 xa5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "ios 12.1 ew1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ca",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.053"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "ios 12.2 mb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ios 12.2 t0a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "ios 12.0 wc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sl6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5400",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "ios 12.0 wc2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1400"
},
{
"model": "ios 12.1 yb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.0 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "ubr900",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "ios 12.2 xb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 t2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 sa6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sc2200/vsc3000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 bc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "ios 12.2 xj1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bc1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 12.1 xm7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "catalyst supervisor module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ap352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(7)xv"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "netranger",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ex3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "ios 12.2 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ios 12.0 st3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "ios 12.2 xw1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons metro edge optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15327"
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "ios 12.2 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232-13"
},
{
"model": "ios 11.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "catalyst 4908g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios 12.0 s2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 gs6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "ios 12.0 xf1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "rsfc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "ios 12.1 ec1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "ios 11.1 ca2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "ios 12.2 xi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wgb352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cat6k nam",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.1 ea2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rsm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1600"
},
{
"model": "ios 12.1 xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xs?",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "catalyst 8510msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
},
{
"model": "ios 12.2 ya1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service expansion shelf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios 12.0 xe1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "ios 12.1 ex4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 11.1ct",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.1 xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7300"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.2 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "esr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ls1010 atm switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 dc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7.002"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "ios 12.1 xi8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "ios 11.3 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "800"
},
{
"model": "mc3810",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0053"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0053",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2002-0053",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0053",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200203-006",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Cisco products contain multiple vulnerabilities in handling of SNMP requests and traps. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n Original release date: February 12, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n Products from a very wide variety of vendors may be affected. See\n Vendor Information for details from vendors who have provided feedback\n for this advisory. \n\n In addition to the vendors who provided feedback for this advisory, a\n list of vendors whom CERT/CC contacted regarding these problems is\n available from\n http://www.kb.cert.org/vuls/id/854306\n http://www.kb.cert.org/vuls/id/107186 \n\n Many other systems making use of SNMP may also be vulnerable but were\n not specifically tested. \n\n In addition to this advisory, we also have an FAQ available at\n http://www.cert.org/tech_tips/snmp_faq.html\n\nI. \n Version 1 of the protocol (SNMPv1) defines several types of SNMP\n messages that are used to request information or configuration\n changes, respond to requests, enumerate SNMP objects, and send\n unsolicited alerts. The Oulu University Secure Programming Group\n (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous\n vulnerabilities in SNMPv1 implementations from many different vendors. \n More information about SNMP and OUSPG can be found in Appendix C\n\n OUSPG\u0027s research focused on the manner in which SNMPv1 agents and\n managers handle request and trap messages. A trap message\n may indicate a warning or error condition or otherwise notify the\n manager about the agent\u0027s state. SNMP managers must properly decode\n trap messages and process the resulting data. Request\n messages might be issued to obtain information from an agent or to\n instruct the agent to configure the host device. \n\n Vulnerabilities in the decoding and subsequent processing of SNMP\n messages by both managers and agents may result in denial-of-service\n conditions, format string vulnerabilities, and buffer overflows. Some\n vulnerabilities do not require the SNMP message to use the correct\n SNMP community string. \n\n These vulnerabilities have been assigned the CVE identifiers\n CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII. Specific impacts will vary from product to\n product. \n\nIII. Solution\n\n Note that many of the mitigation steps recommended below may have\n significant impact on your everyday network operations and/or network\n architecture. Ensure that any changes made based on the following\n recommendations will not unacceptably affect your ongoing network\n operations capability. \n\nApply a patch from your vendor\n\n Appendix A contains information provided by vendors for this advisory. \n Please consult this appendix to determine if you need to contact your\n vendor directly. \n\nDisable the SNMP service\n\n As a general rule, the CERT/CC recommends disabling any service or\n capability that is not explicitly required, including SNMP. \n Unfortunately, some of the affected products exhibited unexpected\n behavior or denial of service conditions when exposed to the OUSPG\n test suite even if SNMP was not enabled. In these cases, disabling\n SNMP should be used in conjunction with the filtering practices listed\n below to provide additional protection. \n\nIngress filtering\n\n As a temporary measure, it may be possible to limit the scope of these\n vulnerabilities by blocking access to SNMP services at the network\n perimeter. \n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. Servers are typically the only\n machines that need to accept inbound traffic from the public Internet. \n In the network usage policy of many sites, there are few reasons for\n external hosts to initiate inbound traffic to machines that provide no\n public services. Thus, ingress filtering should be performed at the\n border to prohibit externally initiated inbound traffic to\n non-authorized services. For SNMP, ingress filtering of the following\n ports can prevent attackers outside of your network from impacting\n vulnerable devices in the local network that are not explicitly\n authorized to provide public SNMP services. \n\n snmp 161/udp # Simple Network Management Protocol (SNMP)\n snmp 162/udp # SNMP system management messages\n\n The following services are less common, but may be used on some\n affected products\n\n snmp 161/tcp # Simple Network Management Protocol\n (SNMP)\n snmp 162/tcp # SNMP system management messages\n smux 199/tcp # SNMP Unix Multiplexer\n smux 199/udp # SNMP Unix Multiplexer\n synoptics-relay 391/tcp # SynOptics SNMP Relay Port\n synoptics-relay 391/udp # SynOptics SNMP Relay Port\n agentx 705/tcp # AgentX\n snmp-tcp-port 1993/tcp # cisco SNMP TCP port\n snmp-tcp-port 1993/udp # cisco SNMP TCP port\n\n As noted above, you should carefully consider the impact of blocking\n services that you may be using. \n\n It is important to note that in many SNMP implementations, the SNMP\n daemon may bind to all IP interfaces on the device. This has important\n consequences when considering appropriate packet filtering measures\n required to protect an SNMP-enabled device. For example, even if a\n device disallows SNMP packets directed to the IP addresses of its\n normal network interfaces, it may still be possible to exploit these\n vulnerabilities on that device through the use of packets directed at\n the following IP addresses:\n * \"all-ones\" broadcast address\n * subnet broadcast address\n * any internal loopback addresses (commonly used in routers for\n management purposes, not to be confused with the IP stack loopback\n address 127.0.0.1)\n\n Careful consideration should be given to addresses of the types\n mentioned above by sites planning for packet filtering as part of\n their mitigation strategy for these vulnerabilities. \n\n Finally, sites may wish to block access to the following RPC services\n related to SNMP (listed as name, program ID, alternate names)\n\n snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys\n snmp-utk\n snmpv2 100138 na.snmpv2 # SNM Version 2.2.2\n snmpXdmid 100249\n\n Please note that this workaround may not protect vulnerable devices\n from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n In many networks, only a limited number of network management systems\n need to originate SNMP request messages. Therefore, it may be possible\n to configure the SNMP agent systems (or the network devices in between\n the management and agent systems) to disallow request messages from\n non-authorized systems. This can reduce, but not wholly eliminate, the\n risk from internal attacks. However, it may have detrimental effects\n on network performance due to the increased load imposed by the\n filtering, so careful consideration is required before implementation. \n Similar caveats to the previous workaround regarding broadcast and\n loopback addresses apply. \n\nChange default community strings\n\n Most SNMP-enabled products ship with default community strings of\n \"public\" for read-only access and \"private\" for read-write access. As\n with any known default access control mechanism, the CERT/CC\n recommends that network administrators change these community strings\n to something of their own choosing. However, even when community\n strings are changed from their defaults, they will still be passed in\n plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n offers additional capabilities to ensure authentication and privacy as\n described in RFC2574. \n\n Because many of the vulnerabilities identified in this advisory occur\n before the community strings are evaluated, it is important to note\n that performing this step alone is not sufficient to mitigate the\n impact of these vulnerabilities. Nonetheless, it should be performed\n as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n In situations where blocking or disabling SNMP is not possible,\n exposure to these vulnerabilities may be limited by restricting all\n SNMP access to separate, isolated management networks that are not\n publicly accessible. Although this would ideally involve physically\n separate networks, that kind of separation is probably not feasible in\n most environments. Mechanisms such as virtual LANs (VLANs) may be used\n to help segregate traffic on the same physical network. Note that\n VLANs may not strictly prevent an attacker from exploiting these\n vulnerabilities, but they may make it more difficult to initiate the\n attacks. \n\n Another option is for sites to restrict SNMP traffic to separate\n virtual private networks (VPNs), which employ cryptographically strong\n authentication. \n\n Note that these solutions may require extensive changes to a site\u0027s\n network architecture. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound traffic to the\n Internet. In the case of SNMP vulnerabilities, employing egress\n filtering on the ports listed above at your network border can prevent\n your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n Disabling executable stacks (on systems where this is configurable)\n can reduce the risk of \"stack smashing\" attacks based on these\n vulnerabilities. Although this does not provide 100 percent protection\n against exploitation of these vulnerabilities, it makes the likelihood\n of a successful exploit much smaller. On many UNIX systems, executable\n stacks can be disabled by adding the following lines to /etc/system:\n\n set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n Note that this may go against the SPARC and Intel ABIs and can be\n bypassed as required in programs with mprotect(2). For the changes to\n take effect you will then need to reboot. \n\n Other operating systems and architectures also support the disabling\n of executable stacks either through native configuration parameters or\n via third-party software. Consult your vendor(s) for additional\n information. \n\nShare tools and techniques\n\n Because dealing with these vulnerabilities to systems and networks is\n so complex, the CERT/CC will provide a forum where administrators can\n share ideas and techniques that can be used to develop proper\n defenses. We have created an unmoderated mailing list for system and\n network administrators to discuss helpful techniques and tools. \n\n You can subscribe to the mailing list by sending an email message to\n majordomo@cert.org. In the body of the message, type\n\n subscribe snmp-forum\n\n After you receive the confirmation message, follow the instructions in\n the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. As vendors report new information to the CERT/CC, we will\n update this section and note the changes in our revision history. If a\n particular vendor is not listed below, we have not received their\n comments. \n\nAdventNet\n\n This is in reference to your notification regarding [VU#107186 and\n VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this\n behavior in their products and coded a Service Pack fix which is\n currently in regression testing in AdventNet Inc.\u0027s Q.A. \n organization. The release of AdventNet Inc\u0027s. Service Pack\n correcting the behavior outlined in VU#617947, and OUSPG#0100 is\n scheduled to be generally available to all of AdventNet Inc.\u0027s\n customers by February 20, 2002. \n\nAvaya\n\n Avaya Inc. \n\nCacheFlow\n\n The purpose of this email is to advise you that CacheFlow Inc. has\n provided a software update. Please be advised that updated versions\n of the software are now available for all supported CacheFlow\n hardware platforms, and may be obtained by CacheFlow customers at\n the following URL:\n\n http://download.cacheflow.com/\n\n The specific reference to the software update is contained within the\n Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15\n Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n * SR 1-1647517, VI 13045: This update modified a potential\n vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n A vulnerability to an SNMP packet with an invalid length community\n string has been resolved in the following products. Customers\n concerned about this weakness should ensure that they upgrade to\n the following agent versions:\n PS Hub 40\n 2.16 is due Feb 2002\n PS Hub 50\n 2.16 is due Feb 2002\n Dual Speed Hub\n 2.16 is due Jan 2002\n Switch 1100/3300\n 2.68 is available now\n Switch 4400\n 2.02 is available now\n Switch 4900\n 2.04 is available now\n WebCache1000/3000\n 2.00 is due Jan 2002\n\nCaldera\n\n Caldera International, Inc. has reproduced faulty behavior in\n Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n 8. We have coded a software fix for supported versions of Caldera\n UnixWare 7 and Caldera Open UNIX 8 that will be available from\n our support site at http://stage.caldera.com/support/security\n immediately following the publication of this CERT announcement. A\n fix for supported versions of OpenServer 5 will be available at a\n later date. \n\nCisco Systems\n\n Cisco Systems is addressing the vulnerabilities identified by\n VU#854306 and VU#107186 across its entire product line. Cisco will\n publish a security advisory with further details at\n http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n x-ref: SSRT0779U SNMP\n At the time of writing this document, COMPAQ continues to evaluate\n this potential problem and when new versions of SNMP are available,\n COMPAQ will implement solutions based on the new code. Compaq will\n provide notice of any new patches as a result of that effort\n through standard patch notification procedures and be available\n from your normal Compaq Services support channel. \n\nComputer Associates\n\n Computer Associates has confirmed Unicenter vulnerability to the\n SNMP advisory identified by CERT notification reference [VU#107186\n \u0026 VU#854306] and OUSPG#0100. We have produced corrective\n maintenance to address these vulnerabilities, which is in the\n process of publication for all applicable releases / platforms and\n will be offered through the CA Support site. Please contact our\n Technical Support organization for information regarding\n availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n NMServer for AS/400 is not an SNMP master and is therefore not\n vulnerable. However this product requires the use of the AS/400\n SNMP master agent supplied by IBM. \n\n NMServer for OpenVMS has been tested and has shown to be\n vulnerable. COMTEK Services is preparing a new release of this\n product (version 3.5) which will contain a fix for this problem. \n This new release is scheduled to be available in February 2002. \n Contact COMTEK Services for further information. \n\n NMServer for VOS has not as yet been tested; vulnerability of this\n agent is unknown. Contact for further information on the testing\n schedule of the VOS product. \n\nCovalent Technologies\n\n Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n and Conductor SNMP module are not vulnerable according to testing\n performed in accordance with CERT recommendations. Security\n information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n Dartware, LLC (www.dartware.com) supplies two products that use\n SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present\n and past versions of these two software packages. \n\nDMH Software\n\n DMH Software is in the process of evaluating and attempting to\n reproduce this behavior. \n It is unclear at this point if our snmp-agent is sensitive to the\n tests described above. \n If any problems will be discovered, DMH Software will code a\n software fix. \n The release of DMH Software OS correcting the behavior outlined in\n VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n EnGarde Secure Linux did not ship any SNMP packages in version\n 1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n FreeBSD does not include any SNMP software by default, and so is\n not vulnerable. However, the FreeBSD Ports Collection contains the\n UCD-SNMP / NET-SNMP package. Package versions prior to\n ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release\n will ship the corrected version of the UCD-SNMP / NET-SNMP\n package. In addition, the corrected version of the packages is\n available from the FreeBSD mirrors. \n\n FreeBSD has issued the following FreeBSD Security Advisory\n regarding the UCD-SNMP / NET-SNMP package:\n ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n snmp.asc. \n\nHewlett-Packard Company\n\n SUMMARY - known vulnerable:\n ========================================\n hp procurve switch 2524\n NNM (Network Node Manager)\n JetDirect Firmware (Older versions only)\n HP-UX Systems running snmpd or OPENVIEW\n MC/ServiceGuard\n EMS\n Still under investigation:\n SNMP/iX (MPE/iX)\n ========================================\n _________________________________________________________\n ---------------------------------------------------------\n hp procurve switch 2524 \n ---------------------------------------------------------\n hp procurve switch 2525 (product J4813A) is vulnerable to some\n issues, patches in process. Watch for the associated HP\n Security Bulletin. \n ---------------------------------------------------------\n NNM (Network Node Manager)\n ---------------------------------------------------------\n Some problems were found in NNM product were related to\n trap handling. Patches in process. Watch for the\n associated HP Security Bulletin. \n ---------------------------------------------------------\n JetDirect Firmware (Older versions only)\n ---------------------------------------------------------\n ONLY some older versions of JetDirect Firmware are\n vulnerable to some of the issues. The older firmware\n can be upgraded in most cases, see list below. \n JetDirect Firmware Version State\n ========================== =====\n X.08.32 and higher NOT Vulnerable\n X.21.00 and higher NOT Vulnerable\n JetDirect Product Numbers that can be freely\n upgraded to X.08.32 or X.21.00 or higher firmware. \n EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n J3110A 10T\n J3111A 10T/10B2/LocalTalk\n J3112A Token Ring (discontinued)\n J3113A 10/100 (discontinued)\n J4169A 10/100\n J4167A Token Ring\n MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n J2550A/B 10T (discontinued)\n J2552A/B 10T/10Base2/LocalTalk (discontinued)\n J2555A/B Token Ring (discontinued)\n J4100A 10/100\n J4105A Token Ring\n J4106A 10T\n External Print Servers\n J2591A EX+ (discontinued)\n J2593A EX+3 10T/10B2 (discontinued)\n J2594A EX+3 Token Ring (discontinued)\n J3263A 300X 10/100\n J3264A 500X Token Ring\n J3265A 500X 10/100\n ----------------------------------------------------------\n HP-UX Systems running snmpd or OPENVIEW\n ----------------------------------------------------------\n The following patches are available now:\n PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch\n PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated\n Patch\n All three patches are available from:\n http://support.openview.hp.com/cpe/patches/\n In addition PHSS_26137 and PHSS_26138 will soon be available from:\n http://itrc.hp.com\n ================================================================\n NOTE: The patches are labeled OV(Open View). However, the patches\n are also applicable to systems that are not running Open View. \n =================================================================\n Any HP-UX 10.X or 11.X system running snmpd or snmpdm is\n vulnerable. \n To determine if your HP-UX system has snmpd or snmpdm installed:\n swlist -l file | grep snmpd\n If a patch is not available for your platform or you cannot install\n an available patch, snmpd and snmpdm can be disabled by removing\n their\n entries from /etc/services and removing the execute permissions\n from\n /usr/sbin/snmpd and /usr/sbin/snmpdm. \n ----------------------------------------------------------------\n Investigation completed, systems vulnerable. \n ----------------------------------------------------------------\n MC/ServiceGuard\n Event Monitoring System (EMS)\n ----------------------------------------------------------------\n Still under investigation:\n ----------------------------------------------------------------\n SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n Hirschmann Electronics GmbH \u0026 Co. KG supplies a broad range of\n networking products, some of which are affected by the SNMP\n vulnerabilities identified by CERT Coordination Center. The manner\n in which they are affected and the actions required to avoid being\n impacted by exploitation of these vulnerabilities, vary from\n product to product. Hirschmann customers may contact our Competence\n Center (phone +49-7127-14-1538, email:\n ans-support@nt.hirschmann.de) for additional information,\n especially regarding availability of latest firmware releases\n addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n Based upon the results of running the test suites we have\n determined that our version of SNMP shipped with AIX is NOT\n vulnerable. \n\nInnerdive Solutions, LLC\n\n Innerdive Solutions, LLC has two SNMP based products:\n 1. The \"SNMP MIB Scout\"\n (http://www.innerdive.com/products/mibscout/)\n 2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n The \"SNMP MIB Scout\" is not vulnerable to either bug. \n The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n The release of \"Router IP Console\" correcting the behavior outlined\n in OUSPG#0100 is 3.3.0.407 and is already available on our site. \n Also, we will notify all our customers about this new release no\n later than March 5, 2002. \n\nJuniper Networks\n\n This is in reference to your notification regarding CAN-2002-0012\n and CAN-2002-0013. Juniper Networks has reproduced this behavior\n and coded a software fix. The fix will be included in all releases\n of JUNOS Internet software built after January 5, 2002. Customers\n with current support contracts can download new software with the\n fix from Juniper\u0027s web site at www.juniper.net. \n Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n only be reproduced in JUNOS Internet software if certain tracing\n options are enabled. These options are generally not enabled in\n production routers. \n\nLantronix, Inc. \n\n Lantronix is committed to resolving security issues with our\n products. The SNMP security bug you reported has been fixed in LRS\n firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n Lotus Software evaluated the Lotus Domino Server for\n vulnerabilities using the test suite materials provided by OUSPG. \n This problem does not affect default installations of the Domino\n Server. However, SNMP agents can be installed from the CD to\n provide SNMP services for the Domino Server (these are located in\n the /apps/sysmgmt/agents directory). The optional platform\n specific master and encapsulator agents included with the Lotus\n Domino SNMP Agents for HP-UX and Solaris have been found to be\n vulnerable. For those platforms, customers should upgrade to\n version R5.0.1 a of the Lotus Domino SNMP Agents, available for\n download from the Lotus Knowledge Base on the IBM Support Web Site\n (http://www.ibm.com/software/lotus/support/). Please refer to\n Document #191059, \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n The products from LOGEC Systems are exposed to SNMP only via HP\n OpenView. We do not have an implementation of SNMP ourselves. As\n such, there is nothing in our products that would be an issue with\n this alert. \n\nLucent\n\n Lucent is aware of reports that there is a vulnerability in certain\n implementations of the SNMP (Simple Network Management Protocol)\n code that is used in data switches and other hardware throughout\n the telecom industry. \n As soon as we were notified by CERT, we began assessing our product\n portfolio and notifying customers with products that might be\n affected. \n Our 5ESS switch and most of our optical portfolio were not\n affected. Our core and edge ATM switches and most of our edge\n access products are affected, but we have developed, tested, and\n deployed fixes for many of those products to our customers. Fixes\n for the rest of the affected product portfolio will be available\n shortly. \n We consider the security and reliability of our customers\u0027 networks\n to be one of our critical measures of success. We take every\n reasonable measure to ensure their satisfaction. \n In addition, we are working with customers on ways to further\n enhance the security they have in place today. \n\nMarconi\n\n Marconi supplies a broad range of telecommunications and related\n products, some of which are affected by the SNMP vulnerabilities\n identified here. The manner in which they are affected and the\n actions required (if any) to avoid being impacted by exploitation\n of these vulnerabilities, vary from product to product. Those\n Marconi customers with support entitlement may contact the\n appropriate Technical Assistance Center (TAC) for additional\n information. Those not under support entitlement may contact their\n sales representative. \n\nMicrosoft Corporation\n\n The Microsoft Security Reponse [sic] Center has investigated this\n issue, and provides the following information. \n\n Summary:\n All Microsoft implementations of SNMP v1 are affected by the\n vulnerability. The SNMP v1 service is not installed or running by\n default on any version of Windows. A patch is underway to eliminate\n the vulnerability. In the meantime, we recommend that affected\n customers disable the SNMP v1 service. \n\n Details:\n An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. \n It is not installed or running by default on any of these\n platforms. An SNMP v1 is NOT provided for Windows ME. However, it\n is possible that Windows 98 machines which had the service\n installed and were upgraded would still have the service. Since\n SNMP is not supported for WinME, customers in this situation are\n urged to remove the SNMP service. \n An SNMP v1 service is available on Windows NT 4.0 (including\n Terminal Server Edition) and Windows 2000 but is not installed or\n running by default on any of these platforms.Windows XP does not\n ship with an SNMP v1 service. \n\n Remediation:\n A patch is underway for the affected platforms, and will be\n released shortly. In the meantime, Microsoft recommends that\n customers who have the SNMP v1 service running disable it to\n protect their systems. Following are instruction for doing this:\n\n Windows 95, 98 and 98SE:\n 1. In Control Panel, double-click Network. \n 2. On the Configuration tab, select Microsoft SNMP Agent from the\n list of installed components. \n 3. Click Remove\n\n Check the following keys and confirm that snmp.exe is not listed. \n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n vices\n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n For Windows XP:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n \n For Windows NT 4.0 (including Terminal Server Edition):\n 1. Select Start, then Settings. \n 2. Select Control Panel, then click on the Services Icon\n 3. Locate SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close Control Panel\n\n Windows 2000:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n\nMultinet\n\n MultiNet and TCPware customers should contact Process Software to\n check for the availability of patches for this issue. A couple of\n minor problems were found and fixed, but there is no security risk\n related to the SNMP code included with either product. \n\nNetaphor\n\n NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,\n two Java based products that may be affected by the SNMP\n vulnerabilities identified here. The manner in which they are\n affected and the actions required (if any) to avoid being impacted\n by exploitation of these vulnerabilities, may be obtained by\n contacting Netaphor via email at info@netaphor.com Customers with\n annual support may contact support@netaphor.com directly. Those not\n under support entitlement may contact Netaphor sales:\n sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n do provide optional packages which provide various support for\n SNMP. These packages are not installed by default, nor are they\n currently provided as an install option by the operating system\n installation tools. A system administrator/end-user has to manually\n install this with our package management tools. These SNMP packages\n include:\n + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for\n netsaint)\n + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP\n library\n + p5-SNMP_Session-0.83 (perl5 module providing rudimentary\n access to remote SNMP agents)\n + ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.1.2)\n + ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.2.1)\n\n We do provide a software monitoring mechanism called\n \u0027audit-packages\u0027, which allows us to highlight if a package with a\n range of versions has a potential vulnerability, and recommends\n that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n Netscape continues to be committed to maintaining a high level of\n quality in our software and service offerings. Part of this\n commitment includes prompt response to security issues discovered\n by organizations such as the CERT Coordination Center. \n According to a recent CERT/CC advisory, The Oulu University Secure\n Programming Group (OUSPG) has reported numerous vulnerabilities in\n multiple vendor SNMPv1 implementations. \n We have carefully examined the reported findings, performing the\n tests suggested by the OUSPG to determine whether Netscape server\n products were subject to these vulnerabilities. It was determined\n that several products fell into this category. As a result, we have\n created fixes which will resolve the issues, and these fixes will\n appear in future releases of our product line. To Netscape\u0027s\n knowledge, there are no known instances of these vulnerabilities\n being exploited and no customers have been affected to date. \n When such security warnings are issued, Netscape has committed to -\n and will continue to commit to - resolving these issues in a prompt\n and timely fashion, ensuring that our customers receive products of\n the highest quality and security. \n\nNET-SNMP\n\n All ucd-snmp version prior to 4.2.2 are susceptible to this\n vulnerability and users of versions prior to version 4.2.2 are\n encouraged to upgrade their software as soon as possible\n (http://www.net-snmp.org/download/). Version 4.2.2 and higher are\n not susceptible. \n\nNetwork Associates\n\n PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n Network Computing Technologies has reviewed the information\n regarding SNMP vulnerabilities and is currently investigating the\n impact to our products. \n\nNokia\n\n This vulnerability is known to affect IPSO versions 3.1.3, 3.3,\n 3.3.1, 3.4, and 3.4.1. Patches are currently available for\n versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia\n website. In addition, version 3.4.2 shipped with the patch\n incorporated, and the necessary fix will be included in all future\n releases of IPSO. \n We recommend customers install the patch immediately or follow the\n recommended precautions below to avoid any potential exploit. \n If you are not using SNMP services, including Traps, simply disable\n the SNMP daemon to completely eliminate the potential\n vulnerability. \n If you are using only SNMP Traps and running Check Point\n FireWall-1, create a firewall policy to disallow incoming SNMP\n messages on all appropriate interfaces. Traps will continue to work\n normally. \n\nNortel Networks\n\n The CERT Coordination Center has issued a broad based alert to the\n technology industry, including Nortel Networks, regarding potential\n security vulnerabilities identified in the Simple Network\n Management Protocol (SNMP), a common networking standard. The\n company is working with CERT and other network equipment\n manufacturers, the U.S. Government, service providers, and software\n suppliers to assess and address this issue. \n\nNovell\n\n Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on\n NetWare are fixed and will be available through NetWare 6 Support\n Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n http://support.novell.com/tools/csp/\n\nOpenBSD\n\n OpenBSD does not ship SNMP code. \n\nQualcomm\n\n WorldMail does not support SNMP by default, so customers who run\n unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n Redback Networks, Inc. has identified that the vulnerability in\n question affects certain versions of AOS software on the SMS 500,\n SMS 1800, and SMS 10000 platforms, and is taking the appropriate\n steps necessary to correct the issue. \n\nRed Hat\n\n RedHat has released a security advisiory [sic] at\n http://www.redhat.com/support/errata/RHSA-2001-163.html\n with updated versions of the ucd-snmp package for all supported\n releases and architectures. For more information or to download the\n update please visit this page. \n\nSGI\n\n SGI acknowledges the SNMP vulnerabilities reported by CERT and is\n currently investigating. \n For the protection of all our customers, SGI does not disclose,\n discuss or confirm vulnerabilities until a full investigation has\n occurred and any necessary patch(es) or release streams are\n available for all vulnerable and supported IRIX operating systems. \n Until SGI has more definitive information to provide, customers are\n encouraged to assume all security vulnerabilities as exploitable\n and take appropriate steps according to local site security\n policies and requirements. As further information becomes\n available, additional advisories will be issued via the normal SGI\n security information distribution methods including the wiretap\n mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n SNMP Research has made the following vendor statement. They are\n likely to revise and expand the statement as the date for the\n public vulnerability announcement draws nearer. Users maintaining\n earlier releases should update to the current release if they have\n not already done so. Other Stonesoft\u0027s products are\n still under investigation. As further information becomes\n available, additional advisories will be available at\n http://www.stonesoft.com/support/techcenter/\n\nSun Microsystems, Inc. \n\n Sun\u0027s SNMP product, Solstice Enterprise Agents (SEA), described\n here:\n http://www.sun.com/solstice/products/ent.agents/\n is affected by VU#854306 but not VU#107186. More specifically the\n main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n Sun is currently generating patches for this issue and will be\n releasing a Sun Security Bulletin once the patches are available. \n The bulletin will be available from:\n http://sunsolve.sun.com/security. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n Symantec Corporation has investigated the SNMP issues identified by\n the OUSPG test suite and determined that Symantec products are not\n susceptable [sic] to these issues. \n\nTANDBERG\n\n Tandberg have run all the testcases found the PROTOS test-suie\n [sic], c06snmpv1:\n 1. c06-snmpv1-trap-enc-pr1.jar\n 2. c06-snmpv1-treq-app-pr1.jar\n 3. c06-snmpv1-trap-enc-pr1.jar\n 4. c06-snmpv1-req-app-pr1.jar\n The tests were run with standard delay time between the requests\n (100ms), but also with a delay of 1ms. The tests applies to all\n TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The\n software tested on these products were B4.0 (our latest software)\n and no problems were found when running the test suite. \n\nTivoli Systems\n\n Our analysis indicates that this vulnerability does not affect the\n Tivoli NetView product. \n\nAppendix B. - References\n 1. http://www.ee.oulu.fi/research/ouspg/protos/\n 2. http://www.kb.cert.org/vuls/id/854306\n 3. http://www.kb.cert.org/vuls/id/107186\n 4. http://www.cert.org/tech_tips/denial_of_service.html\n 5. http://www.ietf.org/rfc/rfc1067.txt\n 6. http://www.ietf.org/rfc/rfc1089.txt\n 7. http://www.ietf.org/rfc/rfc1140.txt\n 8. http://www.ietf.org/rfc/rfc1155.txt\n 9. http://www.ietf.org/rfc/rfc1156.txt\n 10. http://www.ietf.org/rfc/rfc1215.txt\n 11. http://www.ietf.org/rfc/rfc1270.txt\n 12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n Background Information on the OUSPG\n\n OUSPG is an academic research group located at Oulu University in\n Finland. The purpose of this research group is to test software\n for vulnerabilities. \n History has shown that the techniques used by the OUSPG have\n discovered a large number of previously undetected problems in the\n products and protocols they have tested. In 2001, the OUSPG\n produced a comprehensive test suite for evaluating implementations\n of the Lightweight Directory Access Protocol (LDAP). This test\n suite was developed with the strategy of abusing the protocol in\n unsupported and unexpected ways, and it was very effective in\n uncovering a wide variety of vulnerabilities across several\n products. This approach can reveal vulnerabilities that would not\n manifest themselves under normal conditions. \n After completing its work on LDAP, OUSPG moved its focus to\n SNMPv1. As with LDAP, they designed a custom test suite, began\n testing a selection of products, and found a number of\n vulnerabilities. Because OUSPG\u0027s work on LDAP was similar in\n procedure to its current work on SNMP, you may wish to review the\n LDAP Test Suite and CERT Advisory CA-2001-18, which outlined\n results of application of the test suite. \n In order to test the security of protocols like SNMPv1, the PROTOS\n project presents a server with a wide variety of sample packets\n containing unexpected values or illegally formatted data. As a\n member of the PROTOS project consortium, the OUSPG used the PROTOS\n c06-snmpv1 test suite to study several implementations of the\n SNMPv1 protocol. Results of the test suites run against SNMP\n indicate that there are many different vulnerabilities on many\n different implementations of SNMP. Software and\n firmware products designed for networks often make use of the SNMP\n protocol. SNMP runs on a multitude of devices and operating\n systems, including, but not limited to,\n + Core Network Devices (Routers, Switches, Hubs, Bridges, and\n Wireless Network Access Points)\n + Operating Systems\n + Consumer Broadband Network Devices (Cable Modems and DSL\n Modems)\n + Consumer Electronic Devices (Cameras and Image Scanners)\n + Networked Office Equipment (Printers, Copiers, and FAX\n Machines)\n + Network and Systems Management/Diagnostic Frameworks (Network\n Sniffers and Network Analyzers)\n + Uninterruptible Power Supplies (UPS)\n + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n + Manufacturing and Processing Equipment\n The SNMP protocol is formally defined in RFC1157. Quoting from\n that RFC:\n\n Implicit in the SNMP architectural model is a collection\n of network management stations and network elements. \n Network management stations execute management\n applications which monitor and control network elements. \n Network elements are devices such as hosts, gateways,\n terminal servers, and the like, which have management\n agents responsible for performing the network management\n functions requested by the network management stations. \n\n Additionally, SNMP is discussed in a number of other RFC\n documents:\n + RFC 3000 Internet Official Protocol Standards\n + RFC 1212 Concise MIB Definitions\n + RFC 1213 Management Information Base for Network Management\n of TCP/IP-based Internets: MIB-II\n + RFC 1215 A Convention for Defining Traps for use with the\n SNMP\n + RFC 1270 SNMP Communications Services\n + RFC 2570 Introduction to Version 3 of the Internet-standard\n Network Management Framework\n + RFC 2571 An Architecture for Describing SNMP Management\n Frameworks\n + RFC 2572 Message Processing and Dispatching for the Simple\n Network Management Protocol (SNMP)\n + RFC 2573 SNMP Applications\n + RFC 2574 User-based Security Model (USM) for version 3 of the\n Simple Network Management Protocol (SNMPv3)\n + RFC 2575 View-based Access Control Model (VACM) for the\n Simple Network Management Protocol (SNMP)\n + RFC 2576 Coexistence between Version 1, Version 2, and\n Version 3 of the Internet-standard Network Management\n Framework\n _____________________________________________________________\n\n The CERT Coordination Center thanks the Oulu University Secure\n Programming Group for reporting these vulnerabilities to us, for\n providing detailed technical analyses, and for assisting us in\n preparing this advisory. We also thank Steven M. Bellovin (AT\u0026T\n Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n Rob Thomas, Blue Boar (Thievco), and the many others who\n contributed to this document. \n _____________________________________________________________\n\n Feedback on this document can be directed to the authors, Ian A. \n Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n Householder, Marty Lindner, and Art Manion. \n __________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-03.html\n __________________________________________________________________\n\n CERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n \n Using encryption\n We strongly urge you to encrypt sensitive information sent by\n email. Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n If you prefer to use DES, please call the CERT hotline for more\n information. \n \n Getting security information\n CERT publications and other security information are available\n from our web site\n http://www.cert.org/\n To subscribe to the CERT mailing list for advisories and\n bulletins, send email to majordomo@cert.org. Please include in the\n body of your message\n \n subscribe cert-advisory\n \n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n __________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the\n Software Engineering Institute is furnished on an \"as is\" basis. \n Carnegie Mellon University makes no warranties of any kind, either\n expressed or implied as to any matter including, but not limited\n to, warranty of fitness for a particular purpose or\n merchantability, exclusivity or results obtained from use of the\n material. Carnegie Mellon University does not make any warranty of\n any kind with respect to freedom from patent, trademark, or\n copyright infringement. \n _____________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "PACKETSTORM",
"id": "25758"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2002-0053",
"trust": 3.0
},
{
"db": "BID",
"id": "4132",
"trust": 1.9
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4088",
"trust": 1.6
},
{
"db": "BID",
"id": "4089",
"trust": 1.6
},
{
"db": "XF",
"id": "8176",
"trust": 0.8
},
{
"db": "XF",
"id": "8177",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035",
"trust": 0.8
},
{
"db": "MS",
"id": "MS02-006",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:209",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:402",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2002-03",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "25758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"id": "VAR-200203-0024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3056849
},
"last_update_date": "2023-12-18T12:47:42.246000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00964944"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2001-163j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0053"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 2.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 2.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 2.2,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.7,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.2,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a209"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a402"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0053"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0053"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8176"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8177"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/protos_snmp_xforce.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:402"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:209"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1352.txt"
},
{
"trust": 0.1,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/snmp_faq.html"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/ric/)"
},
{
"trust": 0.1,
"url": "https://www.juniper.net."
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt/."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1067.txt"
},
{
"trust": 0.1,
"url": "https://www.dartware.com)"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1140.txt"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://www.sun.com/solstice/products/ent.agents/"
},
{
"trust": 0.1,
"url": "http://stage.caldera.com/support/security"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/)"
},
{
"trust": 0.1,
"url": "http://www.net-snmp.org/download/)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.ibm.com/software/lotus/support/)."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1156.txt"
},
{
"trust": 0.1,
"url": "http://support.novell.com/tools/csp/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/cpe/patches/"
},
{
"trust": 0.1,
"url": "https://www.covalent.net"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/mibscout/)"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/security."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1155.txt"
},
{
"trust": 0.1,
"url": "http://www.stonesoft.com/support/techcenter/"
},
{
"trust": 0.1,
"url": "http://www.sgi.com/support/security/."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1089.txt"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"date": "2002-02-12T22:54:19",
"db": "PACKETSTORM",
"id": "25758"
},
{
"date": "2002-03-08T05:00:00",
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"date": "2002-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000035"
},
{
"date": "2018-10-12T21:30:55.957000",
"db": "NVD",
"id": "CVE-2002-0053"
},
{
"date": "2005-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-200202-0007
Vulnerability from variot - Updated: 2023-12-18 12:47Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code ・ If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the “Overview” for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. The resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. Multiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. Among the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. It is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
Original release date: February 12, 2002 Last revised: -- Source: CERT/CC
A complete revision history can be found at the end of this file.
Systems Affected
Products from a very wide variety of vendors may be affected. See Vendor Information for details from vendors who have provided feedback for this advisory.
In addition to the vendors who provided feedback for this advisory, a list of vendors whom CERT/CC contacted regarding these problems is available from http://www.kb.cert.org/vuls/id/854306 http://www.kb.cert.org/vuls/id/107186
Many other systems making use of SNMP may also be vulnerable but were not specifically tested.
In addition to this advisory, we also have an FAQ available at http://www.cert.org/tech_tips/snmp_faq.html
I. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts. The Oulu University Secure Programming Group (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous vulnerabilities in SNMPv1 implementations from many different vendors. More information about SNMP and OUSPG can be found in Appendix C
OUSPG's research focused on the manner in which SNMPv1 agents and managers handle request and trap messages. A trap message may indicate a warning or error condition or otherwise notify the manager about the agent's state. Request messages might be issued to obtain information from an agent or to instruct the agent to configure the host device.
Vulnerabilities in the decoding and subsequent processing of SNMP messages by both managers and agents may result in denial-of-service conditions, format string vulnerabilities, and buffer overflows. Some vulnerabilities do not require the SNMP message to use the correct SNMP community string.
These vulnerabilities have been assigned the CVE identifiers CAN-2002-0012 and CAN-2002-0013, respectively.
II.
III. Solution
Note that many of the mitigation steps recommended below may have significant impact on your everyday network operations and/or network architecture. Ensure that any changes made based on the following recommendations will not unacceptably affect your ongoing network operations capability.
Apply a patch from your vendor
Appendix A contains information provided by vendors for this advisory. Please consult this appendix to determine if you need to contact your vendor directly.
Disable the SNMP service
As a general rule, the CERT/CC recommends disabling any service or capability that is not explicitly required, including SNMP. Unfortunately, some of the affected products exhibited unexpected behavior or denial of service conditions when exposed to the OUSPG test suite even if SNMP was not enabled. In these cases, disabling SNMP should be used in conjunction with the filtering practices listed below to provide additional protection.
Ingress filtering
As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SNMP services at the network perimeter.
Ingress filtering manages the flow of traffic as it enters a network under your administrative control. Servers are typically the only machines that need to accept inbound traffic from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound traffic to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound traffic to non-authorized services. For SNMP, ingress filtering of the following ports can prevent attackers outside of your network from impacting vulnerable devices in the local network that are not explicitly authorized to provide public SNMP services.
snmp 161/udp # Simple Network Management Protocol (SNMP) snmp 162/udp # SNMP system management messages
The following services are less common, but may be used on some affected products
snmp 161/tcp # Simple Network Management Protocol (SNMP) snmp 162/tcp # SNMP system management messages smux 199/tcp # SNMP Unix Multiplexer smux 199/udp # SNMP Unix Multiplexer synoptics-relay 391/tcp # SynOptics SNMP Relay Port synoptics-relay 391/udp # SynOptics SNMP Relay Port agentx 705/tcp # AgentX snmp-tcp-port 1993/tcp # cisco SNMP TCP port snmp-tcp-port 1993/udp # cisco SNMP TCP port
As noted above, you should carefully consider the impact of blocking services that you may be using.
It is important to note that in many SNMP implementations, the SNMP daemon may bind to all IP interfaces on the device. This has important consequences when considering appropriate packet filtering measures required to protect an SNMP-enabled device. For example, even if a device disallows SNMP packets directed to the IP addresses of its normal network interfaces, it may still be possible to exploit these vulnerabilities on that device through the use of packets directed at the following IP addresses: * "all-ones" broadcast address * subnet broadcast address * any internal loopback addresses (commonly used in routers for management purposes, not to be confused with the IP stack loopback address 127.0.0.1)
Careful consideration should be given to addresses of the types mentioned above by sites planning for packet filtering as part of their mitigation strategy for these vulnerabilities.
Finally, sites may wish to block access to the following RPC services related to SNMP (listed as name, program ID, alternate names)
snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys snmp-utk snmpv2 100138 na.snmpv2 # SNM Version 2.2.2 snmpXdmid 100249
Please note that this workaround may not protect vulnerable devices from internal attacks.
Filter SNMP traffic from non-authorized internal hosts
In many networks, only a limited number of network management systems need to originate SNMP request messages. This can reduce, but not wholly eliminate, the risk from internal attacks. However, it may have detrimental effects on network performance due to the increased load imposed by the filtering, so careful consideration is required before implementation. Similar caveats to the previous workaround regarding broadcast and loopback addresses apply.
Change default community strings
Most SNMP-enabled products ship with default community strings of "public" for read-only access and "private" for read-write access. As with any known default access control mechanism, the CERT/CC recommends that network administrators change these community strings to something of their own choosing. However, even when community strings are changed from their defaults, they will still be passed in plaintext and are therefore subject to packet sniffing attacks. SNMPv3 offers additional capabilities to ensure authentication and privacy as described in RFC2574.
Because many of the vulnerabilities identified in this advisory occur before the community strings are evaluated, it is important to note that performing this step alone is not sufficient to mitigate the impact of these vulnerabilities. Nonetheless, it should be performed as part of good security practice.
Segregate SNMP traffic onto a separate management network
In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible. Although this would ideally involve physically separate networks, that kind of separation is probably not feasible in most environments. Mechanisms such as virtual LANs (VLANs) may be used to help segregate traffic on the same physical network. Note that VLANs may not strictly prevent an attacker from exploiting these vulnerabilities, but they may make it more difficult to initiate the attacks.
Another option is for sites to restrict SNMP traffic to separate virtual private networks (VPNs), which employ cryptographically strong authentication.
Note that these solutions may require extensive changes to a site's network architecture.
Egress filtering
Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound traffic to the Internet. In the case of SNMP vulnerabilities, employing egress filtering on the ports listed above at your network border can prevent your network from being used as a source for attacks on other sites.
Disable stack execution
Disabling executable stacks (on systems where this is configurable) can reduce the risk of "stack smashing" attacks based on these vulnerabilities. Although this does not provide 100 percent protection against exploitation of these vulnerabilities, it makes the likelihood of a successful exploit much smaller. On many UNIX systems, executable stacks can be disabled by adding the following lines to /etc/system:
set noexec_user_stack = 1 set noexec_user_stack_log = 1
Note that this may go against the SPARC and Intel ABIs and can be bypassed as required in programs with mprotect(2). For the changes to take effect you will then need to reboot.
Other operating systems and architectures also support the disabling of executable stacks either through native configuration parameters or via third-party software. Consult your vendor(s) for additional information.
Share tools and techniques
Because dealing with these vulnerabilities to systems and networks is so complex, the CERT/CC will provide a forum where administrators can share ideas and techniques that can be used to develop proper defenses. We have created an unmoderated mailing list for system and network administrators to discuss helpful techniques and tools.
You can subscribe to the mailing list by sending an email message to majordomo@cert.org. In the body of the message, type
subscribe snmp-forum
After you receive the confirmation message, follow the instructions in the message to complete the subscription process.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments.
AdventNet
This is in reference to your notification regarding [VU#107186 and
VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this
behavior in their products and coded a Service Pack fix which is
currently in regression testing in AdventNet Inc.'s Q.A.
organization. The release of AdventNet Inc's. Service Pack
correcting the behavior outlined in VU#617947, and OUSPG#0100 is
scheduled to be generally available to all of AdventNet Inc.'s
customers by February 20, 2002.
Avaya
Avaya Inc.
CacheFlow
The purpose of this email is to advise you that CacheFlow Inc. has
provided a software update. Please be advised that updated versions
of the software are now available for all supported CacheFlow
hardware platforms, and may be obtained by CacheFlow customers at
the following URL:
http://download.cacheflow.com/
The specific reference to the software update is contained within the Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15 Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149.
RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm
RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS: * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm
* SR 1-1647517, VI 13045: This update modified a potential
vulnerability by using an SNMP test tools exploit.
3Com Corporation
A vulnerability to an SNMP packet with an invalid length community
string has been resolved in the following products. Customers
concerned about this weakness should ensure that they upgrade to
the following agent versions:
PS Hub 40
2.16 is due Feb 2002
PS Hub 50
2.16 is due Feb 2002
Dual Speed Hub
2.16 is due Jan 2002
Switch 1100/3300
2.68 is available now
Switch 4400
2.02 is available now
Switch 4900
2.04 is available now
WebCache1000/3000
2.00 is due Jan 2002
Caldera
Caldera International, Inc. has reproduced faulty behavior in
Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX
8. We have coded a software fix for supported versions of Caldera
UnixWare 7 and Caldera Open UNIX 8 that will be available from
our support site at http://stage.caldera.com/support/security
immediately following the publication of this CERT announcement. A
fix for supported versions of OpenServer 5 will be available at a
later date.
Cisco Systems
Cisco Systems is addressing the vulnerabilities identified by
VU#854306 and VU#107186 across its entire product line. Cisco will
publish a security advisory with further details at
http://www.cisco.com/go/psirt/.
Compaq Computer Corporation
x-ref: SSRT0779U SNMP
At the time of writing this document, COMPAQ continues to evaluate
this potential problem and when new versions of SNMP are available,
COMPAQ will implement solutions based on the new code. Compaq will
provide notice of any new patches as a result of that effort
through standard patch notification procedures and be available
from your normal Compaq Services support channel.
Computer Associates
Computer Associates has confirmed Unicenter vulnerability to the
SNMP advisory identified by CERT notification reference [VU#107186
& VU#854306] and OUSPG#0100. We have produced corrective
maintenance to address these vulnerabilities, which is in the
process of publication for all applicable releases / platforms and
will be offered through the CA Support site. Please contact our
Technical Support organization for information regarding
availability / applicability for your specific configuration(s).
COMTEK Services, Inc.
NMServer for AS/400 is not an SNMP master and is therefore not
vulnerable. However this product requires the use of the AS/400
SNMP master agent supplied by IBM.
NMServer for OpenVMS has been tested and has shown to be
vulnerable. COMTEK Services is preparing a new release of this
product (version 3.5) which will contain a fix for this problem.
This new release is scheduled to be available in February 2002.
Contact COMTEK Services for further information.
NMServer for VOS has not as yet been tested; vulnerability of this
agent is unknown. Contact for further information on the testing
schedule of the VOS product.
Covalent Technologies
Covalent Technologies ERS (Enterprise Ready Server), Secure Server,
and Conductor SNMP module are not vulnerable according to testing
performed in accordance with CERT recommendations. Security
information for Covalent products can be found at www.covalent.net
Dartware, LLC
Dartware, LLC (www.dartware.com) supplies two products that use
SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present
and past versions of these two software packages.
DMH Software
DMH Software is in the process of evaluating and attempting to
reproduce this behavior.
It is unclear at this point if our snmp-agent is sensitive to the
tests described above.
If any problems will be discovered, DMH Software will code a
software fix.
The release of DMH Software OS correcting the behavior outlined in
VU#854306, VU#107186, and OUSPG#0100 will be generally available to
all of DMH Software's customers as soon as possible.
EnGarde Secure Linux
EnGarde Secure Linux did not ship any SNMP packages in version
1.0.1 of our distribution, so we are not vulnerable to either bug.
FreeBSD
FreeBSD does not include any SNMP software by default, and so is
not vulnerable. However, the FreeBSD Ports Collection contains the
UCD-SNMP / NET-SNMP package. Package versions prior to
ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release
will ship the corrected version of the UCD-SNMP / NET-SNMP
package. In addition, the corrected version of the packages is
available from the FreeBSD mirrors.
FreeBSD has issued the following FreeBSD Security Advisory
regarding the UCD-SNMP / NET-SNMP package:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.
snmp.asc.
Hewlett-Packard Company
SUMMARY - known vulnerable:
========================================
hp procurve switch 2524
NNM (Network Node Manager)
JetDirect Firmware (Older versions only)
HP-UX Systems running snmpd or OPENVIEW
MC/ServiceGuard
EMS
Still under investigation:
SNMP/iX (MPE/iX)
========================================
_________________________________________________________
---------------------------------------------------------
hp procurve switch 2524
---------------------------------------------------------
hp procurve switch 2525 (product J4813A) is vulnerable to some
issues, patches in process. Watch for the associated HP
Security Bulletin.
---------------------------------------------------------
NNM (Network Node Manager)
---------------------------------------------------------
Some problems were found in NNM product were related to
trap handling. Patches in process. Watch for the
associated HP Security Bulletin.
---------------------------------------------------------
JetDirect Firmware (Older versions only)
---------------------------------------------------------
ONLY some older versions of JetDirect Firmware are
vulnerable to some of the issues. The older firmware
can be upgraded in most cases, see list below.
JetDirect Firmware Version State
========================== =====
X.08.32 and higher NOT Vulnerable
X.21.00 and higher NOT Vulnerable
JetDirect Product Numbers that can be freely
upgraded to X.08.32 or X.21.00 or higher firmware.
EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)
J3110A 10T
J3111A 10T/10B2/LocalTalk
J3112A Token Ring (discontinued)
J3113A 10/100 (discontinued)
J4169A 10/100
J4167A Token Ring
MIO (Peripherals LaserJet 4, 4si, 5si, etc...)
J2550A/B 10T (discontinued)
J2552A/B 10T/10Base2/LocalTalk (discontinued)
J2555A/B Token Ring (discontinued)
J4100A 10/100
J4105A Token Ring
J4106A 10T
External Print Servers
J2591A EX+ (discontinued)
J2593A EX+3 10T/10B2 (discontinued)
J2594A EX+3 Token Ring (discontinued)
J3263A 300X 10/100
J3264A 500X Token Ring
J3265A 500X 10/100
----------------------------------------------------------
HP-UX Systems running snmpd or OPENVIEW
----------------------------------------------------------
The following patches are available now:
PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch
PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch
PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated
Patch
All three patches are available from:
http://support.openview.hp.com/cpe/patches/
In addition PHSS_26137 and PHSS_26138 will soon be available from:
http://itrc.hp.com
================================================================
NOTE: The patches are labeled OV(Open View). However, the patches
are also applicable to systems that are not running Open View.
=================================================================
Any HP-UX 10.X or 11.X system running snmpd or snmpdm is
vulnerable.
To determine if your HP-UX system has snmpd or snmpdm installed:
swlist -l file | grep snmpd
If a patch is not available for your platform or you cannot install
an available patch, snmpd and snmpdm can be disabled by removing
their
entries from /etc/services and removing the execute permissions
from
/usr/sbin/snmpd and /usr/sbin/snmpdm.
----------------------------------------------------------------
Investigation completed, systems vulnerable.
----------------------------------------------------------------
MC/ServiceGuard
Event Monitoring System (EMS)
----------------------------------------------------------------
Still under investigation:
----------------------------------------------------------------
SNMP/iX (MPE/iX)
Hirschmann Electronics GmbH & Co. KG
Hirschmann Electronics GmbH & Co. KG supplies a broad range of
networking products, some of which are affected by the SNMP
vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence
Center (phone +49-7127-14-1538, email:
ans-support@nt.hirschmann.de) for additional information,
especially regarding availability of latest firmware releases
addressing the SNMP vulnerabilities.
IBM Corporation
Based upon the results of running the test suites we have
determined that our version of SNMP shipped with AIX is NOT
vulnerable.
Innerdive Solutions, LLC
Innerdive Solutions, LLC has two SNMP based products:
1. The "SNMP MIB Scout"
(http://www.innerdive.com/products/mibscout/)
2. The "Router IP Console" (http://www.innerdive.com/products/ric/)
The "SNMP MIB Scout" is not vulnerable to either bug.
The "Router IP Console" releases prior to 3.3.0.407 are vulnerable.
The release of "Router IP Console" correcting the behavior outlined
in OUSPG#0100 is 3.3.0.407 and is already available on our site.
Also, we will notify all our customers about this new release no
later than March 5, 2002.
Juniper Networks
This is in reference to your notification regarding CAN-2002-0012
and CAN-2002-0013. Juniper Networks has reproduced this behavior
and coded a software fix. The fix will be included in all releases
of JUNOS Internet software built after January 5, 2002. Customers
with current support contracts can download new software with the
fix from Juniper's web site at www.juniper.net.
Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can
only be reproduced in JUNOS Internet software if certain tracing
options are enabled. These options are generally not enabled in
production routers.
Lantronix, Inc.
Lantronix is committed to resolving security issues with our
products. The SNMP security bug you reported has been fixed in LRS
firmware version B1.3/611(020123).
Lotus Development Corporation
Lotus Software evaluated the Lotus Domino Server for
vulnerabilities using the test suite materials provided by OUSPG.
This problem does not affect default installations of the Domino
Server. However, SNMP agents can be installed from the CD to
provide SNMP services for the Domino Server (these are located in
the /apps/sysmgmt/agents directory). The optional platform
specific master and encapsulator agents included with the Lotus
Domino SNMP Agents for HP-UX and Solaris have been found to be
vulnerable. For those platforms, customers should upgrade to
version R5.0.1 a of the Lotus Domino SNMP Agents, available for
download from the Lotus Knowledge Base on the IBM Support Web Site
(http://www.ibm.com/software/lotus/support/). Please refer to
Document #191059, "Lotus Domino SNMP Agents R5.0.1a", also in the
Lotus Knowledge Base, for more details.
LOGEC Systems Inc
The products from LOGEC Systems are exposed to SNMP only via HP
OpenView. We do not have an implementation of SNMP ourselves. As
such, there is nothing in our products that would be an issue with
this alert.
Lucent
Lucent is aware of reports that there is a vulnerability in certain
implementations of the SNMP (Simple Network Management Protocol)
code that is used in data switches and other hardware throughout
the telecom industry.
As soon as we were notified by CERT, we began assessing our product
portfolio and notifying customers with products that might be
affected.
Our 5ESS switch and most of our optical portfolio were not
affected. Our core and edge ATM switches and most of our edge
access products are affected, but we have developed, tested, and
deployed fixes for many of those products to our customers.
We consider the security and reliability of our customers' networks
to be one of our critical measures of success. We take every
reasonable measure to ensure their satisfaction.
In addition, we are working with customers on ways to further
enhance the security they have in place today.
Marconi
Marconi supplies a broad range of telecommunications and related
products, some of which are affected by the SNMP vulnerabilities
identified here. Those
Marconi customers with support entitlement may contact the
appropriate Technical Assistance Center (TAC) for additional
information. Those not under support entitlement may contact their
sales representative.
Microsoft Corporation
The Microsoft Security Reponse [sic] Center has investigated this
issue, and provides the following information. The SNMP v1 service is not installed or running by
default on any version of Windows. A patch is underway to eliminate
the vulnerability. In the meantime, we recommend that affected
customers disable the SNMP v1 service.
Details:
An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE.
It is not installed or running by default on any of these
platforms. An SNMP v1 is NOT provided for Windows ME. However, it
is possible that Windows 98 machines which had the service
installed and were upgraded would still have the service. Since
SNMP is not supported for WinME, customers in this situation are
urged to remove the SNMP service.
An SNMP v1 service is available on Windows NT 4.0 (including
Terminal Server Edition) and Windows 2000 but is not installed or
running by default on any of these platforms.Windows XP does not
ship with an SNMP v1 service.
Remediation:
A patch is underway for the affected platforms, and will be
released shortly. In the meantime, Microsoft recommends that
customers who have the SNMP v1 service running disable it to
protect their systems. Following are instruction for doing this:
Windows 95, 98 and 98SE:
1. In Control Panel, double-click Network.
2. On the Configuration tab, select Microsoft SNMP Agent from the
list of installed components.
3. Click Remove
Check the following keys and confirm that snmp.exe is not listed.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSer
vices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
For Windows XP:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
For Windows NT 4.0 (including Terminal Server Edition):
1. Select Start, then Settings.
2. Select Control Panel, then click on the Services Icon
3. Locate SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close Control Panel
Windows 2000:
1. Right-click on My Computer and select Manage
2. Click on Services and Applications, then on Services
3. Location SNMP on the list of services, then select it and click
Stop.
4. Select Startup, and click Disabled.
5. Click OK to close the dialoge [sic], then close the Computer
Management window.
Multinet
MultiNet and TCPware customers should contact Process Software to
check for the availability of patches for this issue. A couple of
minor problems were found and fixed, but there is no security risk
related to the SNMP code included with either product.
Netaphor
NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP
Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,
two Java based products that may be affected by the SNMP
vulnerabilities identified here. The manner in which they are
affected and the actions required (if any) to avoid being impacted
by exploitation of these vulnerabilities, may be obtained by
contacting Netaphor via email at info@netaphor.com Customers with
annual support may contact support@netaphor.com directly. Those not
under support entitlement may contact Netaphor sales:
sales@netaphor.com or (949) 470 7955 in USA.
NetBSD
NetBSD does not ship with any SNMP tools in our 'base' releases. We
do provide optional packages which provide various support for
SNMP. These packages are not installed by default, nor are they
currently provided as an install option by the operating system
installation tools. A system administrator/end-user has to manually
install this with our package management tools. These SNMP packages
include:
+ netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for
netsaint)
+ p5-Net-SNMP-3.60 (perl5 module for SNMP queries)
+ p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP
library
+ p5-SNMP_Session-0.83 (perl5 module providing rudimentary
access to remote SNMP agents)
+ ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.1.2)
+ ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts
with ucd-snmp-4.2.1)
We do provide a software monitoring mechanism called
'audit-packages', which allows us to highlight if a package with a
range of versions has a potential vulnerability, and recommends
that the end-user upgrade the packages in question.
Netscape Communications Corporation
Netscape continues to be committed to maintaining a high level of
quality in our software and service offerings. Part of this
commitment includes prompt response to security issues discovered
by organizations such as the CERT Coordination Center.
According to a recent CERT/CC advisory, The Oulu University Secure
Programming Group (OUSPG) has reported numerous vulnerabilities in
multiple vendor SNMPv1 implementations.
We have carefully examined the reported findings, performing the
tests suggested by the OUSPG to determine whether Netscape server
products were subject to these vulnerabilities. It was determined
that several products fell into this category. As a result, we have
created fixes which will resolve the issues, and these fixes will
appear in future releases of our product line. To Netscape's
knowledge, there are no known instances of these vulnerabilities
being exploited and no customers have been affected to date.
When such security warnings are issued, Netscape has committed to -
and will continue to commit to - resolving these issues in a prompt
and timely fashion, ensuring that our customers receive products of
the highest quality and security.
NET-SNMP
All ucd-snmp version prior to 4.2.2 are susceptible to this
vulnerability and users of versions prior to version 4.2.2 are
encouraged to upgrade their software as soon as possible
(http://www.net-snmp.org/download/). Version 4.2.2 and higher are
not susceptible.
Network Associates
PGP is not affected, impacted, or otherwise related to this VU#.
Network Computing Technologies
Network Computing Technologies has reviewed the information
regarding SNMP vulnerabilities and is currently investigating the
impact to our products.
Nokia
This vulnerability is known to affect IPSO versions 3.1.3, 3.3,
3.3.1, 3.4, and 3.4.1. Patches are currently available for
versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia
website. In addition, version 3.4.2 shipped with the patch
incorporated, and the necessary fix will be included in all future
releases of IPSO.
We recommend customers install the patch immediately or follow the
recommended precautions below to avoid any potential exploit.
If you are not using SNMP services, including Traps, simply disable
the SNMP daemon to completely eliminate the potential
vulnerability.
If you are using only SNMP Traps and running Check Point
FireWall-1, create a firewall policy to disallow incoming SNMP
messages on all appropriate interfaces. Traps will continue to work
normally.
Nortel Networks
The CERT Coordination Center has issued a broad based alert to the
technology industry, including Nortel Networks, regarding potential
security vulnerabilities identified in the Simple Network
Management Protocol (SNMP), a common networking standard. The
company is working with CERT and other network equipment
manufacturers, the U.S. Government, service providers, and software
suppliers to assess and address this issue.
Novell
Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x
and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on
NetWare are fixed and will be available through NetWare 6 Support
Pack 1 & NetWare 5.1 Support Pack 4. Support packs are available at
http://support.novell.com/tools/csp/
OpenBSD
OpenBSD does not ship SNMP code.
Qualcomm
WorldMail does not support SNMP by default, so customers who run
unmodified installations are not vulnerable.
Redback Networks, Inc.
Redback Networks, Inc. has identified that the vulnerability in
question affects certain versions of AOS software on the SMS 500,
SMS 1800, and SMS 10000 platforms, and is taking the appropriate
steps necessary to correct the issue.
Red Hat
RedHat has released a security advisiory [sic] at
http://www.redhat.com/support/errata/RHSA-2001-163.html
with updated versions of the ucd-snmp package for all supported
releases and architectures. For more information or to download the
update please visit this page.
SGI
SGI acknowledges the SNMP vulnerabilities reported by CERT and is
currently investigating.
For the protection of all our customers, SGI does not disclose,
discuss or confirm vulnerabilities until a full investigation has
occurred and any necessary patch(es) or release streams are
available for all vulnerable and supported IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable
and take appropriate steps according to local site security
policies and requirements. As further information becomes
available, additional advisories will be issued via the normal SGI
security information distribution methods including the wiretap
mailing list on http://www.sgi.com/support/security/.
SNMP Research International
SNMP Research has made the following vendor statement. They are
likely to revise and expand the statement as the date for the
public vulnerability announcement draws nearer. Users maintaining
earlier releases should update to the current release if they have
not already done so. Other Stonesoft's products are
still under investigation.
Sun's SNMP product, Solstice Enterprise Agents (SEA), described
here:
http://www.sun.com/solstice/products/ent.agents/
is affected by VU#854306 but not VU#107186. More specifically the
main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8.
Sun is currently generating patches for this issue and will be
releasing a Sun Security Bulletin once the patches are available.
The bulletin will be available from:
http://sunsolve.sun.com/security. Sun patches are available from:
http://sunsolve.sun.com/securitypatch.
Symantec Corporation
Symantec Corporation has investigated the SNMP issues identified by
the OUSPG test suite and determined that Symantec products are not
susceptable [sic] to these issues.
TANDBERG
Tandberg have run all the testcases found the PROTOS test-suie
[sic], c06snmpv1:
1. c06-snmpv1-trap-enc-pr1.jar
2. c06-snmpv1-treq-app-pr1.jar
3. c06-snmpv1-trap-enc-pr1.jar
4. c06-snmpv1-req-app-pr1.jar
The tests were run with standard delay time between the requests
(100ms), but also with a delay of 1ms. The tests applies to all
TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The
software tested on these products were B4.0 (our latest software)
and no problems were found when running the test suite.
Appendix B. - References 1. http://www.ee.oulu.fi/research/ouspg/protos/ 2. http://www.kb.cert.org/vuls/id/854306 3. http://www.kb.cert.org/vuls/id/107186 4. http://www.cert.org/tech_tips/denial_of_service.html 5. http://www.ietf.org/rfc/rfc1067.txt 6. http://www.ietf.org/rfc/rfc1089.txt 7. http://www.ietf.org/rfc/rfc1140.txt 8. http://www.ietf.org/rfc/rfc1155.txt 9. http://www.ietf.org/rfc/rfc1156.txt 10. http://www.ietf.org/rfc/rfc1215.txt 11. http://www.ietf.org/rfc/rfc1270.txt 12. http://www.ietf.org/rfc/rfc1352.txt
Appendix C. - Background Information
Background Information on the OUSPG
OUSPG is an academic research group located at Oulu University in
Finland. The purpose of this research group is to test software
for vulnerabilities.
History has shown that the techniques used by the OUSPG have
discovered a large number of previously undetected problems in the
products and protocols they have tested. In 2001, the OUSPG
produced a comprehensive test suite for evaluating implementations
of the Lightweight Directory Access Protocol (LDAP). This test
suite was developed with the strategy of abusing the protocol in
unsupported and unexpected ways, and it was very effective in
uncovering a wide variety of vulnerabilities across several
products. This approach can reveal vulnerabilities that would not
manifest themselves under normal conditions.
After completing its work on LDAP, OUSPG moved its focus to
SNMPv1. As with LDAP, they designed a custom test suite, began
testing a selection of products, and found a number of
vulnerabilities. Because OUSPG's work on LDAP was similar in
procedure to its current work on SNMP, you may wish to review the
LDAP Test Suite and CERT Advisory CA-2001-18, which outlined
results of application of the test suite.
In order to test the security of protocols like SNMPv1, the PROTOS
project presents a server with a wide variety of sample packets
containing unexpected values or illegally formatted data. As a
member of the PROTOS project consortium, the OUSPG used the PROTOS
c06-snmpv1 test suite to study several implementations of the
SNMPv1 protocol. Software and
firmware products designed for networks often make use of the SNMP
protocol. SNMP runs on a multitude of devices and operating
systems, including, but not limited to,
+ Core Network Devices (Routers, Switches, Hubs, Bridges, and
Wireless Network Access Points)
+ Operating Systems
+ Consumer Broadband Network Devices (Cable Modems and DSL
Modems)
+ Consumer Electronic Devices (Cameras and Image Scanners)
+ Networked Office Equipment (Printers, Copiers, and FAX
Machines)
+ Network and Systems Management/Diagnostic Frameworks (Network
Sniffers and Network Analyzers)
+ Uninterruptible Power Supplies (UPS)
+ Networked Medical Equipment (Imaging Units and Oscilloscopes)
+ Manufacturing and Processing Equipment
The SNMP protocol is formally defined in RFC1157. Quoting from
that RFC:
Implicit in the SNMP architectural model is a collection
of network management stations and network elements.
Network management stations execute management
applications which monitor and control network elements.
Network elements are devices such as hosts, gateways,
terminal servers, and the like, which have management
agents responsible for performing the network management
functions requested by the network management stations.
Additionally, SNMP is discussed in a number of other RFC
documents:
+ RFC 3000 Internet Official Protocol Standards
+ RFC 1212 Concise MIB Definitions
+ RFC 1213 Management Information Base for Network Management
of TCP/IP-based Internets: MIB-II
+ RFC 1215 A Convention for Defining Traps for use with the
SNMP
+ RFC 1270 SNMP Communications Services
+ RFC 2570 Introduction to Version 3 of the Internet-standard
Network Management Framework
+ RFC 2571 An Architecture for Describing SNMP Management
Frameworks
+ RFC 2572 Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)
+ RFC 2573 SNMP Applications
+ RFC 2574 User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
+ RFC 2575 View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP)
+ RFC 2576 Coexistence between Version 1, Version 2, and
Version 3 of the Internet-standard Network Management
Framework
_____________________________________________________________
The CERT Coordination Center thanks the Oulu University Secure
Programming Group for reporting these vulnerabilities to us, for
providing detailed technical analyses, and for assisting us in
preparing this advisory. We also thank Steven M. Bellovin (AT&T
Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP
Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),
Rob Thomas, Blue Boar (Thievco), and the many others who
contributed to this document.
_____________________________________________________________
Feedback on this document can be directed to the authors, Ian A.
Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D.
Householder, Marty Lindner, and Art Manion.
__________________________________________________________________
This document is available from:
http://www.cert.org/advisories/CA-2002-03.html
__________________________________________________________________
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
EDT(GMT-4) Monday through Friday; they are on call for emergencies
during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by
email. Our public PGP key is available from
http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more
information.
Getting security information
CERT publications and other security information are available
from our web site
http://www.cert.org/
To subscribe to the CERT mailing list for advisories and
bulletins, send email to majordomo@cert.org. Please include in the
body of your message
subscribe cert-advisory
* "CERT" and "CERT Coordination Center" are registered in the U.S.
Patent and Trademark Office.
__________________________________________________________________
NO WARRANTY
Any material furnished by Carnegie Mellon University and the
Software Engineering Institute is furnished on an "as is" basis.
Carnegie Mellon University makes no warranties of any kind, either
expressed or implied as to any matter including, but not limited
to, warranty of fitness for a particular purpose or
merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of
any kind with respect to freedom from patent, trademark, or
copyright infringement.
_____________________________________________________________
Conditions for use, disclaimers, and sponsorship information
Copyright 2002 Carnegie Mellon University.
Revision History
February 12, 2002: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU R1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl QUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr uZiMJ5f2SEo= =h42e -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200202-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": "ne",
"trust": 5.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": "ne",
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adventnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "american power conversion",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "aprisma",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bea",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "bmc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cnt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "comtek services",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cscare",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cacheflow",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "carrier access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "compaq computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "concord",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dart",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "entrada",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "equinox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fluke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "general datacomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hirschmann",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "iplanet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "itouch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infovista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "inktomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "innerdive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "karlnet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lantronix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "larscom incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mg soft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "marconi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mercury interactive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "metrobility optical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "micromuse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "monfox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "multinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net snmp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network harmoni",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nbase xyplex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscout",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netsilicon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "netscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "optical access",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "perle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "powerware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "radware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "redback",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sniffer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sonus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "the sco group sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "tivoli",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "toshiba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "unisphere",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vertical",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "vina",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "world wide packets",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "e security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "net com",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "ios 12.0 xe",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 dc2",
"scope": "ne",
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "snmp",
"scope": "eq",
"trust": 1.0,
"vendor": "snmp",
"version": "*"
},
{
"model": "windows 98se",
"scope": null,
"trust": 0.9,
"vendor": "microsoft",
"version": null
},
{
"model": "windows",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.9,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0 s6",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nudesign team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "outback resource group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "veritas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bintec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "interniche",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ncipher corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "95"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "98 scd"
},
{
"model": "windows 9x",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "me"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (server)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (terminal_srv)"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "4.0 (workstation)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "windows xp gold",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "0"
},
{
"model": "windows nt",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "5.0"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "4.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "3.0.1"
},
{
"model": "sunatm",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "2.1"
},
{
"model": "ios 12.0 s7",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 xe?",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "ios 12.0 s1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 wc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xu",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db2",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "ios 12.1 ex",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "snmp",
"scope": null,
"trust": 0.6,
"vendor": "snmp",
"version": null
},
{
"model": "sunnet manager sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunnet manager intel",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "sunmc rr",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "sunmc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1.1"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.5"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.4"
},
{
"model": "enterprise server ssp",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "100003.3"
},
{
"model": "research mid-level manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research enterpol",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "research dr-web manager",
"scope": "eq",
"trust": 0.3,
"vendor": "snmp",
"version": "15.3"
},
{
"model": "emulex 1gbit fibrechannel hub",
"scope": null,
"trust": 0.3,
"vendor": "sgi",
"version": null
},
{
"model": "brocade",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6.0"
},
{
"model": "networks aos",
"scope": null,
"trust": 0.3,
"vendor": "redback",
"version": null
},
{
"model": "realplayer intranet",
"scope": "eq",
"trust": 0.3,
"vendor": "realnetworks",
"version": "5.0"
},
{
"model": "software tcpware",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "5.5"
},
{
"model": "software multinet",
"scope": "eq",
"trust": 0.3,
"vendor": "process",
"version": "4.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.11"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.2"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3.1"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.3"
},
{
"model": "ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "nokia",
"version": "3.1.3"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.1"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.1.1"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "windows nt workstation sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt terminal server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6a",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows nt enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "4.0"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "98"
},
{
"model": "windows terminal services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows terminal services",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "domino snmp agents solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1x86"
},
{
"model": "domino snmp agents solaris sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino snmp agents hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "lrs",
"scope": null,
"trust": 0.3,
"vendor": "lantronix",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "solutions router ip console",
"scope": "eq",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.406"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "procurve switch 8000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl-bundle",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4108gl",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 4000m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2525"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2524"
},
{
"model": "procurve switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2512"
},
{
"model": "procurve switch 2424m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 2400m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "procurve switch 1600m",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ov/sam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.10"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.211.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.210.x"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.111.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.110.x"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview network node manager nt 4.x/windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.02000"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.011.x"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.010.20"
},
{
"model": "openview network node manager windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0.23.51/4.0"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.01"
},
{
"model": "openview network node manager solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview network node manager hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "openview extensible snmp agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "openview emanate snmp agent solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.22.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.211.x"
},
{
"model": "openview emanate snmp agent hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "14.210.20"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "openview distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.03"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.5"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "mc/serviceguard",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "ito/vpo/ovo unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ems a.03.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ems a.03.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "gzip",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "3.1.02"
},
{
"model": "services nmserver",
"scope": "eq",
"trust": 0.3,
"vendor": "comtek",
"version": "3.4"
},
{
"model": "associates unicenter",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7.1.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "7"
},
{
"model": "openunix",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "8.0"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.6"
},
{
"model": "openserver",
"scope": "eq",
"trust": 0.3,
"vendor": "caldera",
"version": "5.0.5"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "4.0"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.21"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.19"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.18"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.17"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.16"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.15"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.14"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.13"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.12"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.11"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.20"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.10"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.09"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.08"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.07"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.06"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.05"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.04"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.03"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1.02"
},
{
"model": "cacheos",
"scope": "eq",
"trust": 0.3,
"vendor": "cacheflow",
"version": "3.1"
},
{
"model": "cacheos",
"scope": null,
"trust": 0.3,
"vendor": "cacheflow",
"version": null
},
{
"model": "web nms msp edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "web nms",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp utilities",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "snmp api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "mediation server",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "management builder",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "fault management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "configuration management toolkit",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "cli api",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit java/jmx edition",
"scope": null,
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "agent toolkit c edition",
"scope": "eq",
"trust": 0.3,
"vendor": "adventnet",
"version": null
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3000"
},
{
"model": "webcache",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1000"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4900"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "4400"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3300"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1100"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "50"
},
{
"model": "ps hub",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "40"
},
{
"model": "dual speed hub",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "brocade .0d",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "2.6"
},
{
"model": "ipso",
"scope": "ne",
"trust": 0.3,
"vendor": "nokia",
"version": "3.4.2"
},
{
"model": "ucd-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "4.2.2"
},
{
"model": "solutions router ip console",
"scope": "ne",
"trust": 0.3,
"vendor": "innerdive",
"version": "3.3.0.407"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "ios 12.0 wc 2900xl-lre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "as5850",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ca1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(4.206)"
},
{
"model": "netranger sensor",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "as5200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vg248 analog phone gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7750"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(8)"
},
{
"model": "ios 12.0 wt6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1"
},
{
"model": "traffic director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ios 12.1 e5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ya2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5300",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "cbos b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 11.1 cc4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 aa4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "39203.0(7)"
},
{
"model": "secure ids network sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7100"
},
{
"model": "cva120",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst native mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "ios 12.1 ea1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2sa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1005"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.015"
},
{
"model": "ios 12.2 mx1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1.200)"
},
{
"model": "bpx/igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "ap340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10700"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "distributed director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2501"
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "ios 12.1 yi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 2948g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6"
},
{
"model": "ios 12.1 ew",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(7.202)"
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "local director",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232"
},
{
"model": "ios 12.1 ec",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "user registration tool vlan policy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "ios 11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "igx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8240",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7010"
},
{
"model": "unity server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst hybrid mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios 12.0 wc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(1)"
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "snmpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "ios 12.0 st5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ios 12.0 sl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 db2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.10"
},
{
"model": "ios 12.1 ey",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "ios 12.0 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.10"
},
{
"model": "catalyst msm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nsp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "info center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ios 12.0 wx5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "arrowpoint cs11000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure ids host sensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "ios 11.1 ct",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr7200",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ia",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8540msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 t12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1548"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 sx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.0 st",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 8510csr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bpx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xz7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2920"
},
{
"model": "ios 12.1 ea1b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "as5800",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 p2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6200"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1700"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "ios 12.1 e7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "ios 12.2 t1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 xa5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "ios 12.1 ew1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1ca",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.053"
},
{
"model": "catalyst 2948g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "ios 12.2 mb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ios 12.2 t0a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "ios 12.0 wc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ap350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sl6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5400",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "ios 12.0 wc2b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1400"
},
{
"model": "ios 12.1 yb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(3)"
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.0 sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "ubr900",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3(2)"
},
{
"model": "ios 12.2 xb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.0 t2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(7)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 sa6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sc2200/vsc3000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wan manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "infocenter",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "570"
},
{
"model": "call manager",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 sc3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 bc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ex",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8260",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(6)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "ios 12.2 xj1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bc1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 12.1 xm7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "catalyst supervisor module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ap352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7600"
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(7)xv"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3.210)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.2da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cache engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "505"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "catalyst xl",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "netranger",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios 12.1 ex3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "ios 12.0sl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "br350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "ios 12.2 xt3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "ios 12.0 st3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4500"
},
{
"model": "ios 12.2 xw1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons metro edge optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15327"
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ey3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "microhub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1500"
},
{
"model": "ios 12.2 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yf4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "ios 12.0sc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4232-13"
},
{
"model": "ios 11.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "mgx-8220",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "element management framework",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "catalyst 4908g-l3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wgb340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks windows/wug",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(5)"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios 12.0 s2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 gs6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82501.2.11"
},
{
"model": "ios 12.0 xf1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "rsfc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "building broadband service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "ios 12.1 ec1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1 ia",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ws-x6624",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "ios 11.1 ca2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "icdn software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "secure pix firewall",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7500"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "ios 12.2 xi1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "82301.2.11"
},
{
"model": "switchprobe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wgb352",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cat6k nam",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "br340",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xf5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fasthub",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4001.0"
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.1 ea2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rsm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0wt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6400"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.4"
},
{
"model": "ws-x6608",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1600"
},
{
"model": "ios 12.1 xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xs?",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "catalyst 8510msr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
},
{
"model": "ios 12.2 ya1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "service expansion shelf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst msfc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios 12.0 xe1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8110"
},
{
"model": "ios 12.1 ex4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xe2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios 11.1ct",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.1 xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7300"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mgx-8850 r2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ea1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "internet cdn content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "ciscoworks windows",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.2 xk2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "esr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "ls1010 atm switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 dc1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.7.002"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "ios 12.1 xi8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "ios 11.3 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "800"
},
{
"model": "mc3810",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "as5350",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.1cc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7200"
},
{
"model": "content delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "catalyst 4912g",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intelligent contact manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:snmp:snmp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0013",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-0013",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0013",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107186",
"trust": 0.8,
"value": "69.26"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#854306",
"trust": 0.8,
"value": "42.64"
},
{
"author": "CNNVD",
"id": "CNNVD-200202-004",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2002-0013",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ SNMP Protocol is status and performance information MIB (Management Information Base) Protocol used to exchange Management side SNMP Managers such as managed routers, switches and printers SNMP Communicates with management network devices called agents. Because of its wide acceptance in the market, SNMP Has become the standard for SNMP protocol version1 Is SNMPv1 Is the most widely implemented. this SNMPv1 Sent from the agent to the manager in the implementation of SNMP Trap message and sent from the manager to the agent SNMP Decrypt the request message / There are problems in interpreting. If this problem is used by an attacker, the following actions may be executed. Many other programs that you implement may also be affected because of a protocol problem. On the target host SNMP If the service is running, an attacker could execute arbitrary code \u30fb If a buffer overflow attack is feasible and a very long trap message SNMP If the host on which the service is running receives, the application may go into a denial of service state The effects described above vary from application to application. For details, refer to each product.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Windows 95 is prone to a denial-of-service vulnerability. It is possible to crash the service by transmitting to it a maliciously constructed SNMPv1 request PDU. \nThe resultant crash may be due to a buffer overflow condition. If this is the case, attackers may be able to exploit this vulnerability to execute arbitrary code. \nMultiple vulnerabilities have been discovered in a number of SNMP implementations. The vulnerabilities are known to exist in the process of decoding and interpreting SNMP request messages. \nAmong the possible consequences are denial of service and allowing attackers to compromise target systems. These depend on the individual vulnerabilities in each affected product. A general report for multiple vendors was initially published on February 12 (Bugtraq IDs 4088 and 4089), however more information is now available and a separate Bugtraq ID has been allocated for the Cisco Operating Systems and Appliances vulnerabilities. \nIt is reportedly possible for a remote attacker to create a denial of service condition by transmitting a malformed SNMP request to a vulnerable Cisco Operating System or Appliance. The affected device may reset, or require a manual reset to regain functionality. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2002-03: Multiple Vulnerabilities in Many\nImplementations of the Simple Network Management Protocol (SNMP)\n\n Original release date: February 12, 2002\n Last revised: --\n Source: CERT/CC\n\n A complete revision history can be found at the end of this file. \n\nSystems Affected\n\n Products from a very wide variety of vendors may be affected. See\n Vendor Information for details from vendors who have provided feedback\n for this advisory. \n\n In addition to the vendors who provided feedback for this advisory, a\n list of vendors whom CERT/CC contacted regarding these problems is\n available from\n http://www.kb.cert.org/vuls/id/854306\n http://www.kb.cert.org/vuls/id/107186 \n\n Many other systems making use of SNMP may also be vulnerable but were\n not specifically tested. \n\n In addition to this advisory, we also have an FAQ available at\n http://www.cert.org/tech_tips/snmp_faq.html\n\nI. \n Version 1 of the protocol (SNMPv1) defines several types of SNMP\n messages that are used to request information or configuration\n changes, respond to requests, enumerate SNMP objects, and send\n unsolicited alerts. The Oulu University Secure Programming Group\n (OUSPG, http://www.ee.oulu.fi/research/ouspg/) has reported numerous\n vulnerabilities in SNMPv1 implementations from many different vendors. \n More information about SNMP and OUSPG can be found in Appendix C\n\n OUSPG\u0027s research focused on the manner in which SNMPv1 agents and\n managers handle request and trap messages. A trap message\n may indicate a warning or error condition or otherwise notify the\n manager about the agent\u0027s state. Request\n messages might be issued to obtain information from an agent or to\n instruct the agent to configure the host device. \n\n Vulnerabilities in the decoding and subsequent processing of SNMP\n messages by both managers and agents may result in denial-of-service\n conditions, format string vulnerabilities, and buffer overflows. Some\n vulnerabilities do not require the SNMP message to use the correct\n SNMP community string. \n\n These vulnerabilities have been assigned the CVE identifiers\n CAN-2002-0012 and CAN-2002-0013, respectively. \n\nII. \n\nIII. Solution\n\n Note that many of the mitigation steps recommended below may have\n significant impact on your everyday network operations and/or network\n architecture. Ensure that any changes made based on the following\n recommendations will not unacceptably affect your ongoing network\n operations capability. \n\nApply a patch from your vendor\n\n Appendix A contains information provided by vendors for this advisory. \n Please consult this appendix to determine if you need to contact your\n vendor directly. \n\nDisable the SNMP service\n\n As a general rule, the CERT/CC recommends disabling any service or\n capability that is not explicitly required, including SNMP. \n Unfortunately, some of the affected products exhibited unexpected\n behavior or denial of service conditions when exposed to the OUSPG\n test suite even if SNMP was not enabled. In these cases, disabling\n SNMP should be used in conjunction with the filtering practices listed\n below to provide additional protection. \n\nIngress filtering\n\n As a temporary measure, it may be possible to limit the scope of these\n vulnerabilities by blocking access to SNMP services at the network\n perimeter. \n\n Ingress filtering manages the flow of traffic as it enters a network\n under your administrative control. Servers are typically the only\n machines that need to accept inbound traffic from the public Internet. \n In the network usage policy of many sites, there are few reasons for\n external hosts to initiate inbound traffic to machines that provide no\n public services. Thus, ingress filtering should be performed at the\n border to prohibit externally initiated inbound traffic to\n non-authorized services. For SNMP, ingress filtering of the following\n ports can prevent attackers outside of your network from impacting\n vulnerable devices in the local network that are not explicitly\n authorized to provide public SNMP services. \n\n snmp 161/udp # Simple Network Management Protocol (SNMP)\n snmp 162/udp # SNMP system management messages\n\n The following services are less common, but may be used on some\n affected products\n\n snmp 161/tcp # Simple Network Management Protocol\n (SNMP)\n snmp 162/tcp # SNMP system management messages\n smux 199/tcp # SNMP Unix Multiplexer\n smux 199/udp # SNMP Unix Multiplexer\n synoptics-relay 391/tcp # SynOptics SNMP Relay Port\n synoptics-relay 391/udp # SynOptics SNMP Relay Port\n agentx 705/tcp # AgentX\n snmp-tcp-port 1993/tcp # cisco SNMP TCP port\n snmp-tcp-port 1993/udp # cisco SNMP TCP port\n\n As noted above, you should carefully consider the impact of blocking\n services that you may be using. \n\n It is important to note that in many SNMP implementations, the SNMP\n daemon may bind to all IP interfaces on the device. This has important\n consequences when considering appropriate packet filtering measures\n required to protect an SNMP-enabled device. For example, even if a\n device disallows SNMP packets directed to the IP addresses of its\n normal network interfaces, it may still be possible to exploit these\n vulnerabilities on that device through the use of packets directed at\n the following IP addresses:\n * \"all-ones\" broadcast address\n * subnet broadcast address\n * any internal loopback addresses (commonly used in routers for\n management purposes, not to be confused with the IP stack loopback\n address 127.0.0.1)\n\n Careful consideration should be given to addresses of the types\n mentioned above by sites planning for packet filtering as part of\n their mitigation strategy for these vulnerabilities. \n\n Finally, sites may wish to block access to the following RPC services\n related to SNMP (listed as name, program ID, alternate names)\n\n snmp 100122 na.snmp snmp-cmc snmp-synoptics snmp-unisys\n snmp-utk\n snmpv2 100138 na.snmpv2 # SNM Version 2.2.2\n snmpXdmid 100249\n\n Please note that this workaround may not protect vulnerable devices\n from internal attacks. \n\nFilter SNMP traffic from non-authorized internal hosts\n\n In many networks, only a limited number of network management systems\n need to originate SNMP request messages. This can reduce, but not wholly eliminate, the\n risk from internal attacks. However, it may have detrimental effects\n on network performance due to the increased load imposed by the\n filtering, so careful consideration is required before implementation. \n Similar caveats to the previous workaround regarding broadcast and\n loopback addresses apply. \n\nChange default community strings\n\n Most SNMP-enabled products ship with default community strings of\n \"public\" for read-only access and \"private\" for read-write access. As\n with any known default access control mechanism, the CERT/CC\n recommends that network administrators change these community strings\n to something of their own choosing. However, even when community\n strings are changed from their defaults, they will still be passed in\n plaintext and are therefore subject to packet sniffing attacks. SNMPv3\n offers additional capabilities to ensure authentication and privacy as\n described in RFC2574. \n\n Because many of the vulnerabilities identified in this advisory occur\n before the community strings are evaluated, it is important to note\n that performing this step alone is not sufficient to mitigate the\n impact of these vulnerabilities. Nonetheless, it should be performed\n as part of good security practice. \n\nSegregate SNMP traffic onto a separate management network\n\n In situations where blocking or disabling SNMP is not possible,\n exposure to these vulnerabilities may be limited by restricting all\n SNMP access to separate, isolated management networks that are not\n publicly accessible. Although this would ideally involve physically\n separate networks, that kind of separation is probably not feasible in\n most environments. Mechanisms such as virtual LANs (VLANs) may be used\n to help segregate traffic on the same physical network. Note that\n VLANs may not strictly prevent an attacker from exploiting these\n vulnerabilities, but they may make it more difficult to initiate the\n attacks. \n\n Another option is for sites to restrict SNMP traffic to separate\n virtual private networks (VPNs), which employ cryptographically strong\n authentication. \n\n Note that these solutions may require extensive changes to a site\u0027s\n network architecture. \n\nEgress filtering\n\n Egress filtering manages the flow of traffic as it leaves a network\n under your administrative control. There is typically limited need for\n machines providing public services to initiate outbound traffic to the\n Internet. In the case of SNMP vulnerabilities, employing egress\n filtering on the ports listed above at your network border can prevent\n your network from being used as a source for attacks on other sites. \n\nDisable stack execution\n\n Disabling executable stacks (on systems where this is configurable)\n can reduce the risk of \"stack smashing\" attacks based on these\n vulnerabilities. Although this does not provide 100 percent protection\n against exploitation of these vulnerabilities, it makes the likelihood\n of a successful exploit much smaller. On many UNIX systems, executable\n stacks can be disabled by adding the following lines to /etc/system:\n\n set noexec_user_stack = 1 set noexec_user_stack_log = 1\n\n Note that this may go against the SPARC and Intel ABIs and can be\n bypassed as required in programs with mprotect(2). For the changes to\n take effect you will then need to reboot. \n\n Other operating systems and architectures also support the disabling\n of executable stacks either through native configuration parameters or\n via third-party software. Consult your vendor(s) for additional\n information. \n\nShare tools and techniques\n\n Because dealing with these vulnerabilities to systems and networks is\n so complex, the CERT/CC will provide a forum where administrators can\n share ideas and techniques that can be used to develop proper\n defenses. We have created an unmoderated mailing list for system and\n network administrators to discuss helpful techniques and tools. \n\n You can subscribe to the mailing list by sending an email message to\n majordomo@cert.org. In the body of the message, type\n\n subscribe snmp-forum\n\n After you receive the confirmation message, follow the instructions in\n the message to complete the subscription process. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. As vendors report new information to the CERT/CC, we will\n update this section and note the changes in our revision history. If a\n particular vendor is not listed below, we have not received their\n comments. \n\nAdventNet\n\n This is in reference to your notification regarding [VU#107186 and\n VU#854306] and OUSPG#0100. AdventNet Inc. has reproduced this\n behavior in their products and coded a Service Pack fix which is\n currently in regression testing in AdventNet Inc.\u0027s Q.A. \n organization. The release of AdventNet Inc\u0027s. Service Pack\n correcting the behavior outlined in VU#617947, and OUSPG#0100 is\n scheduled to be generally available to all of AdventNet Inc.\u0027s\n customers by February 20, 2002. \n\nAvaya\n\n Avaya Inc. \n\nCacheFlow\n\n The purpose of this email is to advise you that CacheFlow Inc. has\n provided a software update. Please be advised that updated versions\n of the software are now available for all supported CacheFlow\n hardware platforms, and may be obtained by CacheFlow customers at\n the following URL:\n\n http://download.cacheflow.com/\n\n The specific reference to the software update is contained within the\n Release Notes for CacheOS Versions 3.1.22 Release ID 17146, 4.0.15\n Release ID 17148, 4.1.02 Release ID 17144 and 4.0.15 Release ID 17149. \n\n RELEASE NOTES FOR CACHEFLOW SERVER ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/SA/4.0.15/relnotes.htm\n\n RELEASE NOTES FOR CACHEFLOW CONTENT ACCELERATOR PRODUCTS:\n * http://download.cacheflow.com/release/CA/3.1.22/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.0.15/relnotes.htm\n * http://download.cacheflow.com/release/CA/4.1.02/relnotes.htm\n\n * SR 1-1647517, VI 13045: This update modified a potential\n vulnerability by using an SNMP test tools exploit. \n\n3Com Corporation\n\n A vulnerability to an SNMP packet with an invalid length community\n string has been resolved in the following products. Customers\n concerned about this weakness should ensure that they upgrade to\n the following agent versions:\n PS Hub 40\n 2.16 is due Feb 2002\n PS Hub 50\n 2.16 is due Feb 2002\n Dual Speed Hub\n 2.16 is due Jan 2002\n Switch 1100/3300\n 2.68 is available now\n Switch 4400\n 2.02 is available now\n Switch 4900\n 2.04 is available now\n WebCache1000/3000\n 2.00 is due Jan 2002\n\nCaldera\n\n Caldera International, Inc. has reproduced faulty behavior in\n Caldera SCO OpenServer 5, Caldera UnixWare 7, and Caldera Open UNIX\n 8. We have coded a software fix for supported versions of Caldera\n UnixWare 7 and Caldera Open UNIX 8 that will be available from\n our support site at http://stage.caldera.com/support/security\n immediately following the publication of this CERT announcement. A\n fix for supported versions of OpenServer 5 will be available at a\n later date. \n\nCisco Systems\n\n Cisco Systems is addressing the vulnerabilities identified by\n VU#854306 and VU#107186 across its entire product line. Cisco will\n publish a security advisory with further details at\n http://www.cisco.com/go/psirt/. \n\nCompaq Computer Corporation\n\n x-ref: SSRT0779U SNMP\n At the time of writing this document, COMPAQ continues to evaluate\n this potential problem and when new versions of SNMP are available,\n COMPAQ will implement solutions based on the new code. Compaq will\n provide notice of any new patches as a result of that effort\n through standard patch notification procedures and be available\n from your normal Compaq Services support channel. \n\nComputer Associates\n\n Computer Associates has confirmed Unicenter vulnerability to the\n SNMP advisory identified by CERT notification reference [VU#107186\n \u0026 VU#854306] and OUSPG#0100. We have produced corrective\n maintenance to address these vulnerabilities, which is in the\n process of publication for all applicable releases / platforms and\n will be offered through the CA Support site. Please contact our\n Technical Support organization for information regarding\n availability / applicability for your specific configuration(s). \n\nCOMTEK Services, Inc. \n\n NMServer for AS/400 is not an SNMP master and is therefore not\n vulnerable. However this product requires the use of the AS/400\n SNMP master agent supplied by IBM. \n\n NMServer for OpenVMS has been tested and has shown to be\n vulnerable. COMTEK Services is preparing a new release of this\n product (version 3.5) which will contain a fix for this problem. \n This new release is scheduled to be available in February 2002. \n Contact COMTEK Services for further information. \n\n NMServer for VOS has not as yet been tested; vulnerability of this\n agent is unknown. Contact for further information on the testing\n schedule of the VOS product. \n\nCovalent Technologies\n\n Covalent Technologies ERS (Enterprise Ready Server), Secure Server,\n and Conductor SNMP module are not vulnerable according to testing\n performed in accordance with CERT recommendations. Security\n information for Covalent products can be found at www.covalent.net\n\nDartware, LLC\n\n Dartware, LLC (www.dartware.com) supplies two products that use\n SNMPv1 in a manager role, InterMapper and SNMP Watcher. This statement applies to all present\n and past versions of these two software packages. \n\nDMH Software\n\n DMH Software is in the process of evaluating and attempting to\n reproduce this behavior. \n It is unclear at this point if our snmp-agent is sensitive to the\n tests described above. \n If any problems will be discovered, DMH Software will code a\n software fix. \n The release of DMH Software OS correcting the behavior outlined in\n VU#854306, VU#107186, and OUSPG#0100 will be generally available to\n all of DMH Software\u0027s customers as soon as possible. \n\nEnGarde Secure Linux\n\n EnGarde Secure Linux did not ship any SNMP packages in version\n 1.0.1 of our distribution, so we are not vulnerable to either bug. \n\nFreeBSD\n\n FreeBSD does not include any SNMP software by default, and so is\n not vulnerable. However, the FreeBSD Ports Collection contains the\n UCD-SNMP / NET-SNMP package. Package versions prior to\n ucd-snmp-4.2.3 are vulnerable. The upcoming FreeBSD 4.5 release\n will ship the corrected version of the UCD-SNMP / NET-SNMP\n package. In addition, the corrected version of the packages is\n available from the FreeBSD mirrors. \n\n FreeBSD has issued the following FreeBSD Security Advisory\n regarding the UCD-SNMP / NET-SNMP package:\n ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09. \n snmp.asc. \n\nHewlett-Packard Company\n\n SUMMARY - known vulnerable:\n ========================================\n hp procurve switch 2524\n NNM (Network Node Manager)\n JetDirect Firmware (Older versions only)\n HP-UX Systems running snmpd or OPENVIEW\n MC/ServiceGuard\n EMS\n Still under investigation:\n SNMP/iX (MPE/iX)\n ========================================\n _________________________________________________________\n ---------------------------------------------------------\n hp procurve switch 2524 \n ---------------------------------------------------------\n hp procurve switch 2525 (product J4813A) is vulnerable to some\n issues, patches in process. Watch for the associated HP\n Security Bulletin. \n ---------------------------------------------------------\n NNM (Network Node Manager)\n ---------------------------------------------------------\n Some problems were found in NNM product were related to\n trap handling. Patches in process. Watch for the\n associated HP Security Bulletin. \n ---------------------------------------------------------\n JetDirect Firmware (Older versions only)\n ---------------------------------------------------------\n ONLY some older versions of JetDirect Firmware are\n vulnerable to some of the issues. The older firmware\n can be upgraded in most cases, see list below. \n JetDirect Firmware Version State\n ========================== =====\n X.08.32 and higher NOT Vulnerable\n X.21.00 and higher NOT Vulnerable\n JetDirect Product Numbers that can be freely\n upgraded to X.08.32 or X.21.00 or higher firmware. \n EIO (Peripherals Laserjet 4000, 5000, 8000, etc...)\n J3110A 10T\n J3111A 10T/10B2/LocalTalk\n J3112A Token Ring (discontinued)\n J3113A 10/100 (discontinued)\n J4169A 10/100\n J4167A Token Ring\n MIO (Peripherals LaserJet 4, 4si, 5si, etc...)\n J2550A/B 10T (discontinued)\n J2552A/B 10T/10Base2/LocalTalk (discontinued)\n J2555A/B Token Ring (discontinued)\n J4100A 10/100\n J4105A Token Ring\n J4106A 10T\n External Print Servers\n J2591A EX+ (discontinued)\n J2593A EX+3 10T/10B2 (discontinued)\n J2594A EX+3 Token Ring (discontinued)\n J3263A 300X 10/100\n J3264A 500X Token Ring\n J3265A 500X 10/100\n ----------------------------------------------------------\n HP-UX Systems running snmpd or OPENVIEW\n ----------------------------------------------------------\n The following patches are available now:\n PHSS_26137 s700_800 10.20 OV EMANATE14.2 Agent Consolidated Patch\n PHSS_26138 s700_800 11.X OV EMANATE14.2 Agent Consolidated Patch\n PSOV_03087 EMANATE Release 14.2 Solaris 2.X Agent Consolidated\n Patch\n All three patches are available from:\n http://support.openview.hp.com/cpe/patches/\n In addition PHSS_26137 and PHSS_26138 will soon be available from:\n http://itrc.hp.com\n ================================================================\n NOTE: The patches are labeled OV(Open View). However, the patches\n are also applicable to systems that are not running Open View. \n =================================================================\n Any HP-UX 10.X or 11.X system running snmpd or snmpdm is\n vulnerable. \n To determine if your HP-UX system has snmpd or snmpdm installed:\n swlist -l file | grep snmpd\n If a patch is not available for your platform or you cannot install\n an available patch, snmpd and snmpdm can be disabled by removing\n their\n entries from /etc/services and removing the execute permissions\n from\n /usr/sbin/snmpd and /usr/sbin/snmpdm. \n ----------------------------------------------------------------\n Investigation completed, systems vulnerable. \n ----------------------------------------------------------------\n MC/ServiceGuard\n Event Monitoring System (EMS)\n ----------------------------------------------------------------\n Still under investigation:\n ----------------------------------------------------------------\n SNMP/iX (MPE/iX)\n\nHirschmann Electronics GmbH \u0026 Co. KG\n\n Hirschmann Electronics GmbH \u0026 Co. KG supplies a broad range of\n networking products, some of which are affected by the SNMP\n vulnerabilities identified by CERT Coordination Center. Hirschmann customers may contact our Competence\n Center (phone +49-7127-14-1538, email:\n ans-support@nt.hirschmann.de) for additional information,\n especially regarding availability of latest firmware releases\n addressing the SNMP vulnerabilities. \n\nIBM Corporation\n\n Based upon the results of running the test suites we have\n determined that our version of SNMP shipped with AIX is NOT\n vulnerable. \n\nInnerdive Solutions, LLC\n\n Innerdive Solutions, LLC has two SNMP based products:\n 1. The \"SNMP MIB Scout\"\n (http://www.innerdive.com/products/mibscout/)\n 2. The \"Router IP Console\" (http://www.innerdive.com/products/ric/)\n The \"SNMP MIB Scout\" is not vulnerable to either bug. \n The \"Router IP Console\" releases prior to 3.3.0.407 are vulnerable. \n The release of \"Router IP Console\" correcting the behavior outlined\n in OUSPG#0100 is 3.3.0.407 and is already available on our site. \n Also, we will notify all our customers about this new release no\n later than March 5, 2002. \n\nJuniper Networks\n\n This is in reference to your notification regarding CAN-2002-0012\n and CAN-2002-0013. Juniper Networks has reproduced this behavior\n and coded a software fix. The fix will be included in all releases\n of JUNOS Internet software built after January 5, 2002. Customers\n with current support contracts can download new software with the\n fix from Juniper\u0027s web site at www.juniper.net. \n Note: The behavior described in CAN-2002-0012 and CAN-2002-0013 can\n only be reproduced in JUNOS Internet software if certain tracing\n options are enabled. These options are generally not enabled in\n production routers. \n\nLantronix, Inc. \n\n Lantronix is committed to resolving security issues with our\n products. The SNMP security bug you reported has been fixed in LRS\n firmware version B1.3/611(020123). \n\nLotus Development Corporation\n\n Lotus Software evaluated the Lotus Domino Server for\n vulnerabilities using the test suite materials provided by OUSPG. \n This problem does not affect default installations of the Domino\n Server. However, SNMP agents can be installed from the CD to\n provide SNMP services for the Domino Server (these are located in\n the /apps/sysmgmt/agents directory). The optional platform\n specific master and encapsulator agents included with the Lotus\n Domino SNMP Agents for HP-UX and Solaris have been found to be\n vulnerable. For those platforms, customers should upgrade to\n version R5.0.1 a of the Lotus Domino SNMP Agents, available for\n download from the Lotus Knowledge Base on the IBM Support Web Site\n (http://www.ibm.com/software/lotus/support/). Please refer to\n Document #191059, \"Lotus Domino SNMP Agents R5.0.1a\", also in the\n Lotus Knowledge Base, for more details. \n\nLOGEC Systems Inc\n\n The products from LOGEC Systems are exposed to SNMP only via HP\n OpenView. We do not have an implementation of SNMP ourselves. As\n such, there is nothing in our products that would be an issue with\n this alert. \n\nLucent\n\n Lucent is aware of reports that there is a vulnerability in certain\n implementations of the SNMP (Simple Network Management Protocol)\n code that is used in data switches and other hardware throughout\n the telecom industry. \n As soon as we were notified by CERT, we began assessing our product\n portfolio and notifying customers with products that might be\n affected. \n Our 5ESS switch and most of our optical portfolio were not\n affected. Our core and edge ATM switches and most of our edge\n access products are affected, but we have developed, tested, and\n deployed fixes for many of those products to our customers. \n We consider the security and reliability of our customers\u0027 networks\n to be one of our critical measures of success. We take every\n reasonable measure to ensure their satisfaction. \n In addition, we are working with customers on ways to further\n enhance the security they have in place today. \n\nMarconi\n\n Marconi supplies a broad range of telecommunications and related\n products, some of which are affected by the SNMP vulnerabilities\n identified here. Those\n Marconi customers with support entitlement may contact the\n appropriate Technical Assistance Center (TAC) for additional\n information. Those not under support entitlement may contact their\n sales representative. \n\nMicrosoft Corporation\n\n The Microsoft Security Reponse [sic] Center has investigated this\n issue, and provides the following information. The SNMP v1 service is not installed or running by\n default on any version of Windows. A patch is underway to eliminate\n the vulnerability. In the meantime, we recommend that affected\n customers disable the SNMP v1 service. \n\n Details:\n An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. \n It is not installed or running by default on any of these\n platforms. An SNMP v1 is NOT provided for Windows ME. However, it\n is possible that Windows 98 machines which had the service\n installed and were upgraded would still have the service. Since\n SNMP is not supported for WinME, customers in this situation are\n urged to remove the SNMP service. \n An SNMP v1 service is available on Windows NT 4.0 (including\n Terminal Server Edition) and Windows 2000 but is not installed or\n running by default on any of these platforms.Windows XP does not\n ship with an SNMP v1 service. \n\n Remediation:\n A patch is underway for the affected platforms, and will be\n released shortly. In the meantime, Microsoft recommends that\n customers who have the SNMP v1 service running disable it to\n protect their systems. Following are instruction for doing this:\n\n Windows 95, 98 and 98SE:\n 1. In Control Panel, double-click Network. \n 2. On the Configuration tab, select Microsoft SNMP Agent from the\n list of installed components. \n 3. Click Remove\n\n Check the following keys and confirm that snmp.exe is not listed. \n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunSer\n vices\n HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n \n For Windows XP:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n \n For Windows NT 4.0 (including Terminal Server Edition):\n 1. Select Start, then Settings. \n 2. Select Control Panel, then click on the Services Icon\n 3. Locate SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close Control Panel\n\n Windows 2000:\n 1. Right-click on My Computer and select Manage\n 2. Click on Services and Applications, then on Services\n 3. Location SNMP on the list of services, then select it and click\n Stop. \n 4. Select Startup, and click Disabled. \n 5. Click OK to close the dialoge [sic], then close the Computer\n Management window. \n\nMultinet\n\n MultiNet and TCPware customers should contact Process Software to\n check for the availability of patches for this issue. A couple of\n minor problems were found and fixed, but there is no security risk\n related to the SNMP code included with either product. \n\nNetaphor\n\n NETAPHOR SOFTWARE INC. is the creator of Cyberons for Java -- SNMP\n Manager Toolkit and Cyberons for Java -- NMS Application Toolkit,\n two Java based products that may be affected by the SNMP\n vulnerabilities identified here. The manner in which they are\n affected and the actions required (if any) to avoid being impacted\n by exploitation of these vulnerabilities, may be obtained by\n contacting Netaphor via email at info@netaphor.com Customers with\n annual support may contact support@netaphor.com directly. Those not\n under support entitlement may contact Netaphor sales:\n sales@netaphor.com or (949) 470 7955 in USA. \n\nNetBSD\n\n NetBSD does not ship with any SNMP tools in our \u0027base\u0027 releases. We\n do provide optional packages which provide various support for\n SNMP. These packages are not installed by default, nor are they\n currently provided as an install option by the operating system\n installation tools. A system administrator/end-user has to manually\n install this with our package management tools. These SNMP packages\n include:\n + netsaint-plugin-snmp-1.2.8.4 (SNMP monitoring plug-in for\n netsaint)\n + p5-Net-SNMP-3.60 (perl5 module for SNMP queries)\n + p5-SNMP-3.1.0 (Perl5 module for interfacing to the UCD SNMP\n library\n + p5-SNMP_Session-0.83 (perl5 module providing rudimentary\n access to remote SNMP agents)\n + ucd-snmp-4.2.1 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.1.2)\n + ucd-snmp-4.1.2 (Extensible SNMP implementation) (conflicts\n with ucd-snmp-4.2.1)\n\n We do provide a software monitoring mechanism called\n \u0027audit-packages\u0027, which allows us to highlight if a package with a\n range of versions has a potential vulnerability, and recommends\n that the end-user upgrade the packages in question. \n\nNetscape Communications Corporation\n\n Netscape continues to be committed to maintaining a high level of\n quality in our software and service offerings. Part of this\n commitment includes prompt response to security issues discovered\n by organizations such as the CERT Coordination Center. \n According to a recent CERT/CC advisory, The Oulu University Secure\n Programming Group (OUSPG) has reported numerous vulnerabilities in\n multiple vendor SNMPv1 implementations. \n We have carefully examined the reported findings, performing the\n tests suggested by the OUSPG to determine whether Netscape server\n products were subject to these vulnerabilities. It was determined\n that several products fell into this category. As a result, we have\n created fixes which will resolve the issues, and these fixes will\n appear in future releases of our product line. To Netscape\u0027s\n knowledge, there are no known instances of these vulnerabilities\n being exploited and no customers have been affected to date. \n When such security warnings are issued, Netscape has committed to -\n and will continue to commit to - resolving these issues in a prompt\n and timely fashion, ensuring that our customers receive products of\n the highest quality and security. \n\nNET-SNMP\n\n All ucd-snmp version prior to 4.2.2 are susceptible to this\n vulnerability and users of versions prior to version 4.2.2 are\n encouraged to upgrade their software as soon as possible\n (http://www.net-snmp.org/download/). Version 4.2.2 and higher are\n not susceptible. \n\nNetwork Associates\n\n PGP is not affected, impacted, or otherwise related to this VU#. \n\nNetwork Computing Technologies\n\n Network Computing Technologies has reviewed the information\n regarding SNMP vulnerabilities and is currently investigating the\n impact to our products. \n\nNokia\n\n This vulnerability is known to affect IPSO versions 3.1.3, 3.3,\n 3.3.1, 3.4, and 3.4.1. Patches are currently available for\n versions 3.3, 3.3.1, 3.4 and 3.4.1 for download from the Nokia\n website. In addition, version 3.4.2 shipped with the patch\n incorporated, and the necessary fix will be included in all future\n releases of IPSO. \n We recommend customers install the patch immediately or follow the\n recommended precautions below to avoid any potential exploit. \n If you are not using SNMP services, including Traps, simply disable\n the SNMP daemon to completely eliminate the potential\n vulnerability. \n If you are using only SNMP Traps and running Check Point\n FireWall-1, create a firewall policy to disallow incoming SNMP\n messages on all appropriate interfaces. Traps will continue to work\n normally. \n\nNortel Networks\n\n The CERT Coordination Center has issued a broad based alert to the\n technology industry, including Nortel Networks, regarding potential\n security vulnerabilities identified in the Simple Network\n Management Protocol (SNMP), a common networking standard. The\n company is working with CERT and other network equipment\n manufacturers, the U.S. Government, service providers, and software\n suppliers to assess and address this issue. \n\nNovell\n\n Novell ships SNMP.NLM and SNMPLOG.NLM with NetWare 4.x, NetWare 5.x\n and 6.0 systems. The SNMP and SNMPLOG vulnerabilities detected on\n NetWare are fixed and will be available through NetWare 6 Support\n Pack 1 \u0026 NetWare 5.1 Support Pack 4. Support packs are available at\n http://support.novell.com/tools/csp/\n\nOpenBSD\n\n OpenBSD does not ship SNMP code. \n\nQualcomm\n\n WorldMail does not support SNMP by default, so customers who run\n unmodified installations are not vulnerable. \n\nRedback Networks, Inc. \n\n Redback Networks, Inc. has identified that the vulnerability in\n question affects certain versions of AOS software on the SMS 500,\n SMS 1800, and SMS 10000 platforms, and is taking the appropriate\n steps necessary to correct the issue. \n\nRed Hat\n\n RedHat has released a security advisiory [sic] at\n http://www.redhat.com/support/errata/RHSA-2001-163.html\n with updated versions of the ucd-snmp package for all supported\n releases and architectures. For more information or to download the\n update please visit this page. \n\nSGI\n\n SGI acknowledges the SNMP vulnerabilities reported by CERT and is\n currently investigating. \n For the protection of all our customers, SGI does not disclose,\n discuss or confirm vulnerabilities until a full investigation has\n occurred and any necessary patch(es) or release streams are\n available for all vulnerable and supported IRIX operating systems. \n Until SGI has more definitive information to provide, customers are\n encouraged to assume all security vulnerabilities as exploitable\n and take appropriate steps according to local site security\n policies and requirements. As further information becomes\n available, additional advisories will be issued via the normal SGI\n security information distribution methods including the wiretap\n mailing list on http://www.sgi.com/support/security/. \n\nSNMP Research International\n\n SNMP Research has made the following vendor statement. They are\n likely to revise and expand the statement as the date for the\n public vulnerability announcement draws nearer. Users maintaining\n earlier releases should update to the current release if they have\n not already done so. Other Stonesoft\u0027s products are\n still under investigation. \n\n Sun\u0027s SNMP product, Solstice Enterprise Agents (SEA), described\n here:\n http://www.sun.com/solstice/products/ent.agents/\n is affected by VU#854306 but not VU#107186. More specifically the\n main agent of SEA, snmpdx(1M), is affected on Solaris 2.6, 7, 8. \n Sun is currently generating patches for this issue and will be\n releasing a Sun Security Bulletin once the patches are available. \n The bulletin will be available from:\n http://sunsolve.sun.com/security. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch. \n\nSymantec Corporation\n\n Symantec Corporation has investigated the SNMP issues identified by\n the OUSPG test suite and determined that Symantec products are not\n susceptable [sic] to these issues. \n\nTANDBERG\n\n Tandberg have run all the testcases found the PROTOS test-suie\n [sic], c06snmpv1:\n 1. c06-snmpv1-trap-enc-pr1.jar\n 2. c06-snmpv1-treq-app-pr1.jar\n 3. c06-snmpv1-trap-enc-pr1.jar\n 4. c06-snmpv1-req-app-pr1.jar\n The tests were run with standard delay time between the requests\n (100ms), but also with a delay of 1ms. The tests applies to all\n TANDBERG products (T500, T880, T1000, T2500, T6000 and T8000). The\n software tested on these products were B4.0 (our latest software)\n and no problems were found when running the test suite. \n\nAppendix B. - References\n 1. http://www.ee.oulu.fi/research/ouspg/protos/\n 2. http://www.kb.cert.org/vuls/id/854306\n 3. http://www.kb.cert.org/vuls/id/107186\n 4. http://www.cert.org/tech_tips/denial_of_service.html\n 5. http://www.ietf.org/rfc/rfc1067.txt\n 6. http://www.ietf.org/rfc/rfc1089.txt\n 7. http://www.ietf.org/rfc/rfc1140.txt\n 8. http://www.ietf.org/rfc/rfc1155.txt\n 9. http://www.ietf.org/rfc/rfc1156.txt\n 10. http://www.ietf.org/rfc/rfc1215.txt\n 11. http://www.ietf.org/rfc/rfc1270.txt\n 12. http://www.ietf.org/rfc/rfc1352.txt\n\nAppendix C. - Background Information\n\n Background Information on the OUSPG\n\n OUSPG is an academic research group located at Oulu University in\n Finland. The purpose of this research group is to test software\n for vulnerabilities. \n History has shown that the techniques used by the OUSPG have\n discovered a large number of previously undetected problems in the\n products and protocols they have tested. In 2001, the OUSPG\n produced a comprehensive test suite for evaluating implementations\n of the Lightweight Directory Access Protocol (LDAP). This test\n suite was developed with the strategy of abusing the protocol in\n unsupported and unexpected ways, and it was very effective in\n uncovering a wide variety of vulnerabilities across several\n products. This approach can reveal vulnerabilities that would not\n manifest themselves under normal conditions. \n After completing its work on LDAP, OUSPG moved its focus to\n SNMPv1. As with LDAP, they designed a custom test suite, began\n testing a selection of products, and found a number of\n vulnerabilities. Because OUSPG\u0027s work on LDAP was similar in\n procedure to its current work on SNMP, you may wish to review the\n LDAP Test Suite and CERT Advisory CA-2001-18, which outlined\n results of application of the test suite. \n In order to test the security of protocols like SNMPv1, the PROTOS\n project presents a server with a wide variety of sample packets\n containing unexpected values or illegally formatted data. As a\n member of the PROTOS project consortium, the OUSPG used the PROTOS\n c06-snmpv1 test suite to study several implementations of the\n SNMPv1 protocol. Software and\n firmware products designed for networks often make use of the SNMP\n protocol. SNMP runs on a multitude of devices and operating\n systems, including, but not limited to,\n + Core Network Devices (Routers, Switches, Hubs, Bridges, and\n Wireless Network Access Points)\n + Operating Systems\n + Consumer Broadband Network Devices (Cable Modems and DSL\n Modems)\n + Consumer Electronic Devices (Cameras and Image Scanners)\n + Networked Office Equipment (Printers, Copiers, and FAX\n Machines)\n + Network and Systems Management/Diagnostic Frameworks (Network\n Sniffers and Network Analyzers)\n + Uninterruptible Power Supplies (UPS)\n + Networked Medical Equipment (Imaging Units and Oscilloscopes)\n + Manufacturing and Processing Equipment\n The SNMP protocol is formally defined in RFC1157. Quoting from\n that RFC:\n\n Implicit in the SNMP architectural model is a collection\n of network management stations and network elements. \n Network management stations execute management\n applications which monitor and control network elements. \n Network elements are devices such as hosts, gateways,\n terminal servers, and the like, which have management\n agents responsible for performing the network management\n functions requested by the network management stations. \n\n Additionally, SNMP is discussed in a number of other RFC\n documents:\n + RFC 3000 Internet Official Protocol Standards\n + RFC 1212 Concise MIB Definitions\n + RFC 1213 Management Information Base for Network Management\n of TCP/IP-based Internets: MIB-II\n + RFC 1215 A Convention for Defining Traps for use with the\n SNMP\n + RFC 1270 SNMP Communications Services\n + RFC 2570 Introduction to Version 3 of the Internet-standard\n Network Management Framework\n + RFC 2571 An Architecture for Describing SNMP Management\n Frameworks\n + RFC 2572 Message Processing and Dispatching for the Simple\n Network Management Protocol (SNMP)\n + RFC 2573 SNMP Applications\n + RFC 2574 User-based Security Model (USM) for version 3 of the\n Simple Network Management Protocol (SNMPv3)\n + RFC 2575 View-based Access Control Model (VACM) for the\n Simple Network Management Protocol (SNMP)\n + RFC 2576 Coexistence between Version 1, Version 2, and\n Version 3 of the Internet-standard Network Management\n Framework\n _____________________________________________________________\n\n The CERT Coordination Center thanks the Oulu University Secure\n Programming Group for reporting these vulnerabilities to us, for\n providing detailed technical analyses, and for assisting us in\n preparing this advisory. We also thank Steven M. Bellovin (AT\u0026T\n Labs -- Research), Wes Hardaker (Net-SNMP), Steve Moulton (SNMP\n Research), Tom Reddington (Bell Labs), Mike Duckett (Bell South),\n Rob Thomas, Blue Boar (Thievco), and the many others who\n contributed to this document. \n _____________________________________________________________\n\n Feedback on this document can be directed to the authors, Ian A. \n Finlay, Shawn V. Hernan, Jason A. Rafail, Chad Dougherty, Allen D. \n Householder, Marty Lindner, and Art Manion. \n __________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2002-03.html\n __________________________________________________________________\n\n CERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n \n Using encryption\n We strongly urge you to encrypt sensitive information sent by\n email. Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n If you prefer to use DES, please call the CERT hotline for more\n information. \n \n Getting security information\n CERT publications and other security information are available\n from our web site\n http://www.cert.org/\n To subscribe to the CERT mailing list for advisories and\n bulletins, send email to majordomo@cert.org. Please include in the\n body of your message\n \n subscribe cert-advisory\n \n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n __________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the\n Software Engineering Institute is furnished on an \"as is\" basis. \n Carnegie Mellon University makes no warranties of any kind, either\n expressed or implied as to any matter including, but not limited\n to, warranty of fitness for a particular purpose or\n merchantability, exclusivity or results obtained from use of the\n material. Carnegie Mellon University does not make any warranty of\n any kind with respect to freedom from patent, trademark, or\n copyright infringement. \n _____________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n Copyright 2002 Carnegie Mellon University. \n\nRevision History\n\n February 12, 2002: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPGltxKCVPMXQI2HJAQGVeAQAuHtxGBsmU5HI6PtqhpZ1rkpV+Cq3ChIU\nR1FUz4Zi2vzklH8jdXd10KqwZAPhXTPazeguhRyLVSUprMlSKqcXg3BCkH/y4WAl\nQUZ1VnQXMnMrxIJO1fv0WW0pcyM4W0iQBl0kCIlawPcjCGVniOCOr+4CE0f923wr\nuZiMJ5f2SEo=\n=h42e\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "PACKETSTORM",
"id": "25758"
}
],
"trust": 4.59
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=21296",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0013"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#854306",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2002-0013",
"trust": 3.4
},
{
"db": "BID",
"id": "4132",
"trust": 1.9
},
{
"db": "BID",
"id": "4732",
"trust": 1.9
},
{
"db": "BID",
"id": "4089",
"trust": 1.9
},
{
"db": "BID",
"id": "4088",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#107186",
"trust": 1.5
},
{
"db": "XF",
"id": "8176",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034",
"trust": 0.8
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:87",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:298",
"trust": 0.6
},
{
"db": "ISS",
"id": "20020212 PROTOS REMOTE SNMP ATTACK TOOL",
"trust": 0.6
},
{
"db": "MS",
"id": "MS02-006",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2001:163",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57404",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2002-03",
"trust": 0.6
},
{
"db": "SGI",
"id": "20020201-01-A",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004",
"trust": 0.6
},
{
"db": "BID",
"id": "89608",
"trust": 0.3
},
{
"db": "BID",
"id": "89661",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "21296",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2002-0013",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "25758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"id": "VAR-200202-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42828385666666663
},
"last_update_date": "2023-12-18T12:47:42.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00184",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00964944"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2001-163.html"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-1"
},
{
"title": "#00215",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00215-3"
},
{
"title": "MS02-006",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms02-006.mspx"
},
{
"title": "RHSA-2001:163",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2001-163j.html"
},
{
"title": "Cisco: Malformed SNMP Message-Handling Vulnerabilities for Cisco Non-IOS Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020211-snmp-msgs-non-ios"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://www.cert.org/advisories/ca-2002-03.html"
},
{
"trust": 3.3,
"url": "http://www.kb.cert.org/vuls/id/854306"
},
{
"trust": 2.3,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2001-163.html"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/"
},
{
"trust": 1.7,
"url": "http://www.cert.org/tech_tips/denial_of_service.html"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1215.txt"
},
{
"trust": 1.7,
"url": "http://www.ietf.org/rfc/rfc1270.txt"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/alerts/advise110.php"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020201-01-a"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57404-1"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc3000.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1212.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc1213.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2570.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2571.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2572.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2573.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2574.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2575.txt"
},
{
"trust": 1.6,
"url": "http://www.ietf.org/rfc/rfc2576.txt"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4088"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4132"
},
{
"trust": 1.6,
"url": "http://online.securityfocus.com/bid/4732"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/4089"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0013"
},
{
"trust": 1.2,
"url": "http://www.microsoft.com/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a87"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a298"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-042.shtml"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020213snmp.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020701.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr020901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2002/at020001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-03"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0013"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/8176"
},
{
"trust": 0.7,
"url": "http://www.kb.cert.org/vuls/id/107186"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0012"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:87"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:298"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f44605"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f42769"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f43365"
},
{
"trust": 0.3,
"url": "http://online.securityfocus.com/news/474"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-006.asp"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/snmp_2002_alert.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f46343"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-non-ios-pub.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/21296/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20020211-snmp-msgs-non-ios"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1352.txt"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/snmp_faq.html"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.1.02/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/ric/)"
},
{
"trust": 0.1,
"url": "https://www.juniper.net."
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt/."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1067.txt"
},
{
"trust": 0.1,
"url": "https://www.dartware.com)"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1140.txt"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://www.sun.com/solstice/products/ent.agents/"
},
{
"trust": 0.1,
"url": "http://stage.caldera.com/support/security"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/)"
},
{
"trust": 0.1,
"url": "http://www.net-snmp.org/download/)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.ibm.com/software/lotus/support/)."
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/sa/4.0.15/relnotes.htm"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/"
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1156.txt"
},
{
"trust": 0.1,
"url": "http://support.novell.com/tools/csp/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/cpe/patches/"
},
{
"trust": 0.1,
"url": "https://www.covalent.net"
},
{
"trust": 0.1,
"url": "http://www.innerdive.com/products/mibscout/)"
},
{
"trust": 0.1,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/0100.h"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/security."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1155.txt"
},
{
"trust": 0.1,
"url": "http://www.stonesoft.com/support/techcenter/"
},
{
"trust": 0.1,
"url": "http://www.sgi.com/support/security/."
},
{
"trust": 0.1,
"url": "http://www.ietf.org/rfc/rfc1089.txt"
},
{
"trust": 0.1,
"url": "http://download.cacheflow.com/release/ca/3.1.22/relnotes.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107186"
},
{
"db": "CERT/CC",
"id": "VU#854306"
},
{
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"db": "PACKETSTORM",
"id": "25758"
},
{
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-01-16T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2002-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2002-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"date": "2002-02-12T22:54:19",
"db": "PACKETSTORM",
"id": "25758"
},
{
"date": "2002-02-13T05:00:00",
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"date": "2002-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#107186"
},
{
"date": "2007-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#854306"
},
{
"date": "2018-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0013"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89608"
},
{
"date": "2002-03-08T00:00:00",
"db": "BID",
"id": "89661"
},
{
"date": "2002-05-13T00:00:00",
"db": "BID",
"id": "4732"
},
{
"date": "2009-07-11T10:56:00",
"db": "BID",
"id": "4089"
},
{
"date": "2002-02-12T00:00:00",
"db": "BID",
"id": "4132"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000034"
},
{
"date": "2018-10-12T21:30:48.157000",
"db": "NVD",
"id": "CVE-2002-0013"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200202-004"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
},
{
"db": "BID",
"id": "4732"
},
{
"db": "BID",
"id": "4089"
},
{
"db": "BID",
"id": "4132"
}
],
"trust": 1.5
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SNMPv1 trap handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107186"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "89608"
},
{
"db": "BID",
"id": "89661"
}
],
"trust": 0.6
}
}
VAR-200711-0394
Vulnerability from variot - Updated: 2023-12-18 12:23Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection. This may allow malicious HTTP traffic to bypass content scanning systems. Attackers may send this type of HTTP data to evade detection and perform further attacks. Cisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID's list of vulnerable systems appropriately.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: Novell iChain HTTP Unicode Encoding Detection Bypass
SECUNIA ADVISORY ID: SA26692
VERIFY ADVISORY: http://secunia.com/advisories/26692/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Novell iChain 2.x http://secunia.com/product/1423/
DESCRIPTION: A vulnerability has been reported in Novell iChain, which can be exploited by malicious people to bypass certain security restrictions.
SOLUTION: Apply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Full-width and half-width is an encoding technique for Unicode characters.
Some Open Source or Microsoft Products such as Microsoft ISS and .NET Framework properly decode this type of encoding.
Risk Level : High
Impact : Security Bypass
Systems Affected :
Checkpoint Web Intelligence (Confirmed) IBM ISS Proventia Series (Confirmed) Full List of Vendors : (CERT - Vulnerability Note VU#739224) [1]
Remedy :
Contact your vendor for a hotfix, patch or advanced configuration.
Credits :
Fatih Ozavci (GamaTEAM Member) Caglar Cakici (GamaTEAM Member) It's detected using GamaSEC Exploit Framework GamaSEC Information Security Audit and Consulting Services (www.gamasec.net)
Original Advisory Link : http://www.gamasec.net/english/gs07-01.html
References :
-
CERT - Vulnerability Note VU#739224 http://www.kb.cert.org/vuls/id/739224
-
Unicode Home Page http://unicode.org
-
Unicode.org, Halfwidth and Fullwidth Forms http://www.unicode.org/charts/PDF/UFF00.pdf
-- Best Regards Fatih Ozavci IT Security Consultant .
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
The vulnerability is reported in versions prior to 4.0.
SOLUTION: Update to version 4.0 or later.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200711-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.3",
"scope": null,
"trust": 8.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t",
"scope": null,
"trust": 4.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4",
"scope": null,
"trust": 2.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t8",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 t",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t4",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system 5.1",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t2",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "stonegate ips",
"scope": "lte",
"trust": 1.0,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ios 12.4 t2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t9",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t10",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tippingpoint",
"version": null
},
{
"model": "stonegate ips",
"scope": "lt",
"trust": 0.8,
"vendor": "stonesoft",
"version": "4.0"
},
{
"model": "ios 12.4 t1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 mr",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t11",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xe4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system 5.0",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "stonegate ips",
"scope": "eq",
"trust": 0.6,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "zpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "x5060"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "x5050"
},
{
"model": "sms",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "600e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "5000e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "500"
},
{
"model": "2400e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "200e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "2000"
},
{
"model": "1200e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.2"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4.3"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.4"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.8)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.7)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.19)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.17)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.16)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.15)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.14)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.10)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(1)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.49)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.48)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2.5)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(5.2)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(5)"
},
{
"model": "pix series security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5007.1"
},
{
"model": "pix series security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5007.0"
},
{
"model": "ios -7-ja2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios 12.4xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(8)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(7)"
},
{
"model": "ios 12.4 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(5)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(3)"
},
{
"model": "ios 12.4 xb2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 mr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(12)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(1)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios 12.3yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xx"
},
{
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xv"
},
{
"model": "ios 12.3xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jeb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(9)"
},
{
"model": "ios 12.3 yi3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(7.7)"
},
{
"model": "ios 12.3 xr6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xr3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(6)"
},
{
"model": "ios 12.3 b5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(5)"
},
{
"model": "ios 12.3 xq1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 tpc11a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t13",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 eo1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(21)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(20)"
},
{
"model": "ios 12.3 xe3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(18)"
},
{
"model": "ios 12.3 bc3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(16)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(15)"
},
{
"model": "ios 12.3 yx2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yt1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ym8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ym4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(13)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(12)"
},
{
"model": "ios 12.3 yz1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ys1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xl3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(11)"
},
{
"model": "ios 12.3 a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(10)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "intrustion prevention software 5.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.x"
},
{
"model": "stonegate ips",
"scope": "ne",
"trust": 0.3,
"vendor": "stonesoft",
"version": "4.1"
},
{
"model": "stonegate ips",
"scope": "ne",
"trust": 0.3,
"vendor": "stonesoft",
"version": "4.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:stonesoft:stonegate_ips:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fatih OzavciCaglar Cakici",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-5793",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-5793",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#739224",
"trust": 0.8,
"value": "1.76"
},
{
"author": "CNNVD",
"id": "CNNVD-200711-016",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection. This may allow malicious HTTP traffic to bypass content scanning systems. \nAttackers may send this type of HTTP data to evade detection and perform further attacks. \nCisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID\u0027s list of vulnerable systems appropriately. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nNovell iChain HTTP Unicode Encoding Detection Bypass\n\nSECUNIA ADVISORY ID:\nSA26692\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26692/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNovell iChain 2.x\nhttp://secunia.com/product/1423/\n\nDESCRIPTION:\nA vulnerability has been reported in Novell iChain, which can be\nexploited by malicious people to bypass certain security\nrestrictions. \n\nSOLUTION:\nApply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttps://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Full-width and half-width is an encoding technique for Unicode\ncharacters. \n\nSome Open Source or Microsoft Products such as Microsoft ISS and .NET\nFramework properly decode this type of encoding. \n\nRisk Level : High\n\nImpact : Security Bypass\n\nSystems Affected :\n\nCheckpoint Web Intelligence (Confirmed)\nIBM ISS Proventia Series (Confirmed)\nFull List of Vendors : (CERT - Vulnerability Note VU#739224) [1]\n\nRemedy :\n\nContact your vendor for a hotfix, patch or advanced configuration. \n\nCredits :\n\nFatih Ozavci (GamaTEAM Member)\nCaglar Cakici (GamaTEAM Member)\nIt\u0027s detected using GamaSEC Exploit Framework\nGamaSEC Information Security Audit and Consulting Services\n(www.gamasec.net)\n\nOriginal Advisory Link :\nhttp://www.gamasec.net/english/gs07-01.html\n\nReferences :\n\n 1. CERT - Vulnerability Note VU#739224\n http://www.kb.cert.org/vuls/id/739224\n\n 2. Unicode Home Page\n http://unicode.org\n\n 3. Unicode.org, Halfwidth and Fullwidth Forms\n http://www.unicode.org/charts/PDF/UFF00.pdf\n\n\n-- \nBest Regards\nFatih Ozavci\nIT Security Consultant\n. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe vulnerability is reported in versions prior to 4.0. \n\nSOLUTION:\nUpdate to version 4.0 or later. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224",
"trust": 3.8
},
{
"db": "NVD",
"id": "CVE-2007-5793",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "27455",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "40627",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2757",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25285",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26692",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "25302",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016",
"trust": 0.6
},
{
"db": "BID",
"id": "23980",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "59116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60653",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56741",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"id": "VAR-200711-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.648818785
},
"last_update_date": "2023-12-18T12:23:37.362000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "StoneGate IPS",
"trust": 0.8,
"url": "http://www.stonesoft.com/en/products/ips/software_solutions/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"trust": 1.6,
"url": "http://osvdb.org/40627"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/27455"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/mimg-72brkj"
},
{
"trust": 1.4,
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2757"
},
{
"trust": 0.9,
"url": "http://www.unicode.org/charts/pdf/uff00.pdf"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/25285/"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml"
},
{
"trust": 0.9,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/539/3193302_f.sal_public.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26692/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27455/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/25302/"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/1817"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/infocus/1232"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/advise68"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5793"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2757"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a008083f82e.html#response"
},
{
"trust": 0.3,
"url": "/archive/1/468633"
},
{
"trust": 0.3,
"url": "http://www.3com.com/securityalert/alerts/3com-07-001.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1423/"
},
{
"trust": 0.1,
"url": "http://unicode.org"
},
{
"trust": 0.1,
"url": "https://www.gamasec.net)"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "https://my.stonesoft.com/download.do"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16421/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5600/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/722/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/721/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2007-05-14T00:00:00",
"db": "BID",
"id": "23980"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"date": "2007-09-07T06:01:27",
"db": "PACKETSTORM",
"id": "59116"
},
{
"date": "2007-05-17T00:35:37",
"db": "PACKETSTORM",
"id": "56796"
},
{
"date": "2007-11-03T02:36:00",
"db": "PACKETSTORM",
"id": "60653"
},
{
"date": "2007-05-16T01:04:41",
"db": "PACKETSTORM",
"id": "56741"
},
{
"date": "2007-11-01T17:46:00",
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"date": "2007-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-22T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2016-07-05T22:20:00",
"db": "BID",
"id": "23980"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-006289"
},
{
"date": "2011-03-08T03:01:18.750000",
"db": "NVD",
"id": "CVE-2007-5793"
},
{
"date": "2007-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP content scanning systems full-width/half-width Unicode encoding bypass",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "23980"
},
{
"db": "CNNVD",
"id": "CNNVD-200711-016"
}
],
"trust": 0.9
}
}
VAR-200705-0412
Vulnerability from variot - Updated: 2023-12-18 12:23The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. A third party may use this issue to attempt further attacks. Attackers may send this type of HTTP data to evade detection and perform further attacks. Cisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID's list of vulnerable systems appropriately. Resin is a WEB server developed by Caucho Technology, which can be used under Microsoft Windows operating system. There are multiple vulnerabilities in the implementation of Resin for Windows, and remote attackers may use this vulnerability to obtain sensitive information without authorization. Resin does not properly filter input delivered via URL, allowing a remote attacker to read a continuous stream of data from any COM or LPT device on the system by supplying a DOS device filename with an arbitrary extension in the URL, exfiltrating Web pages through directory traversal attacks The contents of files in the application's WEB-INF directory, or the full system path to the Caucho Resin server through URLs containing special characters.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: Novell iChain HTTP Unicode Encoding Detection Bypass
SECUNIA ADVISORY ID: SA26692
VERIFY ADVISORY: http://secunia.com/advisories/26692/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Novell iChain 2.x http://secunia.com/product/1423/
DESCRIPTION: A vulnerability has been reported in Novell iChain, which can be exploited by malicious people to bypass certain security restrictions.
SOLUTION: Apply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Full-width and half-width is an encoding technique for Unicode characters.
Some Open Source or Microsoft Products such as Microsoft ISS and .NET Framework properly decode this type of encoding.
Risk Level : High
Impact : Security Bypass
Systems Affected :
Checkpoint Web Intelligence (Confirmed) IBM ISS Proventia Series (Confirmed) Full List of Vendors : (CERT - Vulnerability Note VU#739224) [1]
Remedy :
Contact your vendor for a hotfix, patch or advanced configuration.
Credits :
Fatih Ozavci (GamaTEAM Member) Caglar Cakici (GamaTEAM Member) It's detected using GamaSEC Exploit Framework GamaSEC Information Security Audit and Consulting Services (www.gamasec.net)
Original Advisory Link : http://www.gamasec.net/english/gs07-01.html
References :
-
CERT - Vulnerability Note VU#739224 http://www.kb.cert.org/vuls/id/739224
-
Unicode Home Page http://unicode.org
-
Unicode.org, Halfwidth and Fullwidth Forms http://www.unicode.org/charts/PDF/UFF00.pdf
-- Best Regards Fatih Ozavci IT Security Consultant .
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
The vulnerability is reported in versions prior to 4.0.
SOLUTION: Update to version 4.0 or later.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0412",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.3",
"scope": null,
"trust": 8.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t",
"scope": null,
"trust": 4.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4",
"scope": null,
"trust": 2.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t8",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.8,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.8,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0st"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0t"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.1e"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.1t"
},
{
"model": "ios 12.4 t",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t4",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system 5.1",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t2",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0\\(2\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1d\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0\\(1\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1a\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1e\\)"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1cc"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1c\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0\\(6\\)p1"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(1b\\)"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.2t"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0s"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1\\(p1\\)"
},
{
"model": "ios 12.4 t2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t9",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t10",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tippingpoint",
"version": null
},
{
"model": "intrusion prevention system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "interscan gateway security appliance",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "trendmicro interscan viruswall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "none"
},
{
"model": "trendmicro interscan viruswall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "standard edition"
},
{
"model": "trendmicro interscan web security suite",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "ios 12.4 t1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 mr",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t11",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jk",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xe4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system 5.0",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1\\(1\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(2\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1\\(1c\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(6\\)p1"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(1\\)"
},
{
"model": "zpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "x5060"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "x5050"
},
{
"model": "sms",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "600e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "5000e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "500"
},
{
"model": "2400e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "200e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "2000"
},
{
"model": "1200e",
"scope": "eq",
"trust": 0.3,
"vendor": "tippingpoint",
"version": "0"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.2"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate ips sensor and analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4.3"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.4"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.4"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.8)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.7)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.19)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.17)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.(2.16)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.15)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.14)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(2.10)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2(1)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.49)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.(2.48)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2.5)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(5.2)"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(5)"
},
{
"model": "pix series security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5007.1"
},
{
"model": "pix series security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5007.0"
},
{
"model": "ios -7-ja2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios 12.4xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(8)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(7)"
},
{
"model": "ios 12.4 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(5)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(3)"
},
{
"model": "ios 12.4 xb2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4 mr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(12)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(1)"
},
{
"model": "ios 12.3yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xx"
},
{
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3xv"
},
{
"model": "ios 12.3xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jeb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3jea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3ja",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(9)"
},
{
"model": "ios 12.3 yi3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xy4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(7.7)"
},
{
"model": "ios 12.3 xr6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xr3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xi3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(6)"
},
{
"model": "ios 12.3 b5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 b1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(5)"
},
{
"model": "ios 12.3 xq1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xg1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 tpc11a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t13",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 eo1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(21)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(20)"
},
{
"model": "ios 12.3 xe3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 jk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ja5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(18)"
},
{
"model": "ios 12.3 bc3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(16)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(15)"
},
{
"model": "ios 12.3 yx2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yt1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ym8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ym4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 bc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(13)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(12)"
},
{
"model": "ios 12.3 yz1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ys1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xl3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(11)"
},
{
"model": "ios 12.3 a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3(10)"
},
{
"model": "intrustion prevention software 5.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.x"
},
{
"model": "stonegate ips",
"scope": "ne",
"trust": 0.3,
"vendor": "stonesoft",
"version": "4.1"
},
{
"model": "stonegate ips",
"scope": "ne",
"trust": 0.3,
"vendor": "stonesoft",
"version": "4.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1d\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1e\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(p1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1a\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1b\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1c\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:11.1cc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2688"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Derek Abdine",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2688",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-2688",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-26050",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2688",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#739224",
"trust": 0.8,
"value": "1.76"
},
{
"author": "CNNVD",
"id": "CNNVD-200705-315",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-26050",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26050"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. A third party may use this issue to attempt further attacks. \nAttackers may send this type of HTTP data to evade detection and perform further attacks. \nCisco has stated that all IOS releases that support the Firewall/IPS feature set are affected. Although we currently have no definitive list of such versions, Symantec is investigating the matter and will update this BID\u0027s list of vulnerable systems appropriately. Resin is a WEB server developed by Caucho Technology, which can be used under Microsoft Windows operating system. There are multiple vulnerabilities in the implementation of Resin for Windows, and remote attackers may use this vulnerability to obtain sensitive information without authorization. Resin does not properly filter input delivered via URL, allowing a remote attacker to read a continuous stream of data from any COM or LPT device on the system by supplying a DOS device filename with an arbitrary extension in the URL, exfiltrating Web pages through directory traversal attacks The contents of files in the application\u0027s WEB-INF directory, or the full system path to the Caucho Resin server through URLs containing special characters. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nNovell iChain HTTP Unicode Encoding Detection Bypass\n\nSECUNIA ADVISORY ID:\nSA26692\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26692/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNovell iChain 2.x\nhttp://secunia.com/product/1423/\n\nDESCRIPTION:\nA vulnerability has been reported in Novell iChain, which can be\nexploited by malicious people to bypass certain security\nrestrictions. \n\nSOLUTION:\nApply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttps://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Full-width and half-width is an encoding technique for Unicode\ncharacters. \n\nSome Open Source or Microsoft Products such as Microsoft ISS and .NET\nFramework properly decode this type of encoding. \n\nRisk Level : High\n\nImpact : Security Bypass\n\nSystems Affected :\n\nCheckpoint Web Intelligence (Confirmed)\nIBM ISS Proventia Series (Confirmed)\nFull List of Vendors : (CERT - Vulnerability Note VU#739224) [1]\n\nRemedy :\n\nContact your vendor for a hotfix, patch or advanced configuration. \n\nCredits :\n\nFatih Ozavci (GamaTEAM Member)\nCaglar Cakici (GamaTEAM Member)\nIt\u0027s detected using GamaSEC Exploit Framework\nGamaSEC Information Security Audit and Consulting Services\n(www.gamasec.net)\n\nOriginal Advisory Link :\nhttp://www.gamasec.net/english/gs07-01.html\n\nReferences :\n\n 1. CERT - Vulnerability Note VU#739224\n http://www.kb.cert.org/vuls/id/739224\n\n 2. Unicode Home Page\n http://unicode.org\n\n 3. Unicode.org, Halfwidth and Fullwidth Forms\n http://www.unicode.org/charts/PDF/UFF00.pdf\n\n\n-- \nBest Regards\nFatih Ozavci\nIT Security Consultant\n. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe vulnerability is reported in versions prior to 4.0. \n\nSOLUTION:\nUpdate to version 4.0 or later. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "VULHUB",
"id": "VHN-26050"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224",
"trust": 3.9
},
{
"db": "SECUNIA",
"id": "25285",
"trust": 3.5
},
{
"db": "BID",
"id": "23980",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2007-2688",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1018053",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1018054",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "35336",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1803",
"trust": 1.7
},
{
"db": "XF",
"id": "34277",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "27455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26692",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "25302",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20070514 HTTP FULL-WIDTH AND HALF-WIDTH UNICODE ENCODING EVASION",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "10343\u203b10344",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "10343",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "10344",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5465",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070515 GS07-01 FULL-WIDTH AND HALF-WIDTH UNICODE ENCODING IDS/IPS/WAF BYPASS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-26050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60653",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56741",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26050"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"id": "VAR-200705-0412",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26050"
}
],
"trust": 0.748818785
},
"last_update_date": "2023-12-18T12:23:37.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sr-20070514-unicode",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml"
},
{
"title": "solution 2061840",
"trust": 0.8,
"url": "http://esupport.trendmicro.co.jp/supportjp/viewxml.do?contentid=jp-2061840"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2688"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/23980"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1018053"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1018054"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25285/"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a008083f82e.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/35336"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25285"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/1803"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/34277"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5465"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1803"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34277"
},
{
"trust": 0.9,
"url": "http://www.unicode.org/charts/pdf/uff00.pdf"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml"
},
{
"trust": 0.9,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/539/3193302_f.sal_public.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26692/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27455/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/25302/"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/1817"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/infocus/1232"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/advise68"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2688"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2688"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/468633/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5465"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/10343\u203b10344"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a008083f82e.html#response"
},
{
"trust": 0.3,
"url": "/archive/1/468633"
},
{
"trust": 0.3,
"url": "http://www.3com.com/securityalert/alerts/3com-07-001.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1423/"
},
{
"trust": 0.1,
"url": "http://unicode.org"
},
{
"trust": 0.1,
"url": "https://www.gamasec.net)"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "https://my.stonesoft.com/download.do"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16421/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5600/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/722/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/721/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26050"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26050"
},
{
"db": "BID",
"id": "23980"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2007-05-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26050"
},
{
"date": "2007-05-14T00:00:00",
"db": "BID",
"id": "23980"
},
{
"date": "2007-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"date": "2007-09-07T06:01:27",
"db": "PACKETSTORM",
"id": "59116"
},
{
"date": "2007-05-17T00:35:37",
"db": "PACKETSTORM",
"id": "56796"
},
{
"date": "2007-11-03T02:36:00",
"db": "PACKETSTORM",
"id": "60653"
},
{
"date": "2007-05-16T01:04:41",
"db": "PACKETSTORM",
"id": "56741"
},
{
"date": "2007-05-16T01:19:00",
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"date": "2007-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-22T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-26050"
},
{
"date": "2016-07-05T22:20:00",
"db": "BID",
"id": "23980"
},
{
"date": "2007-06-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000382"
},
{
"date": "2018-10-30T16:26:16.857000",
"db": "NVD",
"id": "CVE-2007-2688"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP content scanning systems full-width/half-width Unicode encoding bypass",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "23980"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-315"
}
],
"trust": 0.9
}
}
VAR-200705-0413
Vulnerability from variot - Updated: 2023-12-18 12:23Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. Web Intelligence is prone to a remote security vulnerability.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
Download the free PSI BETA from the Secunia website: https://psi.secunia.com/
TITLE: Novell iChain HTTP Unicode Encoding Detection Bypass
SECUNIA ADVISORY ID: SA26692
VERIFY ADVISORY: http://secunia.com/advisories/26692/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Novell iChain 2.x http://secunia.com/product/1423/
DESCRIPTION: A vulnerability has been reported in Novell iChain, which can be exploited by malicious people to bypass certain security restrictions.
SOLUTION: Apply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Full-width and half-width is an encoding technique for Unicode characters.
Some Open Source or Microsoft Products such as Microsoft ISS and .NET Framework properly decode this type of encoding.
Risk Level : High
Impact : Security Bypass
Systems Affected :
Checkpoint Web Intelligence (Confirmed) IBM ISS Proventia Series (Confirmed) Full List of Vendors : (CERT - Vulnerability Note VU#739224) [1]
Remedy :
Contact your vendor for a hotfix, patch or advanced configuration.
Credits :
Fatih Ozavci (GamaTEAM Member) Caglar Cakici (GamaTEAM Member) It's detected using GamaSEC Exploit Framework GamaSEC Information Security Audit and Consulting Services (www.gamasec.net)
Original Advisory Link : http://www.gamasec.net/english/gs07-01.html
References :
-
CERT - Vulnerability Note VU#739224 http://www.kb.cert.org/vuls/id/739224
-
Unicode Home Page http://unicode.org
-
Unicode.org, Halfwidth and Fullwidth Forms http://www.unicode.org/charts/PDF/UFF00.pdf
-- Best Regards Fatih Ozavci IT Security Consultant .
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
The vulnerability is reported in versions prior to 4.0.
SOLUTION: Update to version 4.0 or later.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/
The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
The vulnerability affects the following products: * Cisco Intrusion Prevention System (IPS) * Cisco IOS with Firewall/IPS Feature Set
SOLUTION: No fix or workaround is currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web intelligence",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "gold"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "3com",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tippingpoint",
"version": null
},
{
"model": "connectra",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "2.0"
},
{
"model": "connectra ngx",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r60"
},
{
"model": "connectra ngx",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r61"
},
{
"model": "connectra ngx",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r62"
},
{
"model": "connectra ngx",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r65"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ng ai r55"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ng ai r55p"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ng ai r55w"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r60"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r61"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r62"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r65"
},
{
"model": "point software web intelligence gold",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "BID",
"id": "86147"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:checkpoint:web_intelligence:gold:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2689"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "86147"
}
],
"trust": 0.3
},
"cve": "CVE-2007-2689",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-2689",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-26051",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2689",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#739224",
"trust": 0.8,
"value": "1.76"
},
{
"author": "CNNVD",
"id": "CNNVD-200705-309",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-26051",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2007-2689",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26051"
},
{
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. Web Intelligence is prone to a remote security vulnerability. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nDownload the free PSI BETA from the Secunia website:\nhttps://psi.secunia.com/\n\n----------------------------------------------------------------------\n\nTITLE:\nNovell iChain HTTP Unicode Encoding Detection Bypass\n\nSECUNIA ADVISORY ID:\nSA26692\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26692/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNovell iChain 2.x\nhttp://secunia.com/product/1423/\n\nDESCRIPTION:\nA vulnerability has been reported in Novell iChain, which can be\nexploited by malicious people to bypass certain security\nrestrictions. \n\nSOLUTION:\nApply iChain 2.3 SP5 Interim Release 3 or greater (2.3.408). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttps://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Full-width and half-width is an encoding technique for Unicode\ncharacters. \n\nSome Open Source or Microsoft Products such as Microsoft ISS and .NET\nFramework properly decode this type of encoding. \n\nRisk Level : High\n\nImpact : Security Bypass\n\nSystems Affected :\n\nCheckpoint Web Intelligence (Confirmed)\nIBM ISS Proventia Series (Confirmed)\nFull List of Vendors : (CERT - Vulnerability Note VU#739224) [1]\n\nRemedy :\n\nContact your vendor for a hotfix, patch or advanced configuration. \n\nCredits :\n\nFatih Ozavci (GamaTEAM Member)\nCaglar Cakici (GamaTEAM Member)\nIt\u0027s detected using GamaSEC Exploit Framework\nGamaSEC Information Security Audit and Consulting Services\n(www.gamasec.net)\n\nOriginal Advisory Link :\nhttp://www.gamasec.net/english/gs07-01.html\n\nReferences :\n\n 1. CERT - Vulnerability Note VU#739224\n http://www.kb.cert.org/vuls/id/739224\n\n 2. Unicode Home Page\n http://unicode.org\n\n 3. Unicode.org, Halfwidth and Fullwidth Forms\n http://www.unicode.org/charts/PDF/UFF00.pdf\n\n\n-- \nBest Regards\nFatih Ozavci\nIT Security Consultant\n. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nThe vulnerability is reported in versions prior to 4.0. \n\nSOLUTION:\nUpdate to version 4.0 or later. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nThe vulnerability affects the following products:\n* Cisco Intrusion Prevention System (IPS)\n* Cisco IOS with Firewall/IPS Feature Set\n\nSOLUTION:\nNo fix or workaround is currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "BID",
"id": "86147"
},
{
"db": "VULHUB",
"id": "VHN-26051"
},
{
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2007-2689",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1018067",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "27455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25285",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26692",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "25302",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20070515 GS07-01 FULL-WIDTH AND HALF-WIDTH UNICODE ENCODING IDS/IPS/WAF BYPASS VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309",
"trust": 0.6
},
{
"db": "BID",
"id": "86147",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-26051",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-2689",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60653",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56741",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26051"
},
{
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"db": "BID",
"id": "86147"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"id": "VAR-200705-0413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26051"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:23:37.204000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "sk32714",
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk32714"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2689"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.gamasec.net/english/gs07-01.html"
},
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/739224"
},
{
"trust": 2.9,
"url": "http://www.securitytracker.com/id?1018067"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/468633/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.unicode.org/charts/pdf/uff00.pdf"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/25285/"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml"
},
{
"trust": 0.9,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/539/3193302_f.sal_public.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26692/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/27455/"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/468633/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/25302/"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/1817"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/infocus/1232"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/advise68"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2689"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2689"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1423/"
},
{
"trust": 0.1,
"url": "http://unicode.org"
},
{
"trust": 0.1,
"url": "https://www.gamasec.net)"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "https://my.stonesoft.com/download.do"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16421/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5600/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/722/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/721/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26051"
},
{
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"db": "BID",
"id": "86147"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739224"
},
{
"db": "VULHUB",
"id": "VHN-26051"
},
{
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"db": "BID",
"id": "86147"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"db": "PACKETSTORM",
"id": "59116"
},
{
"db": "PACKETSTORM",
"id": "56796"
},
{
"db": "PACKETSTORM",
"id": "60653"
},
{
"db": "PACKETSTORM",
"id": "56741"
},
{
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-14T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2007-05-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26051"
},
{
"date": "2007-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"date": "2007-05-15T00:00:00",
"db": "BID",
"id": "86147"
},
{
"date": "2009-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"date": "2007-09-07T06:01:27",
"db": "PACKETSTORM",
"id": "59116"
},
{
"date": "2007-05-17T00:35:37",
"db": "PACKETSTORM",
"id": "56796"
},
{
"date": "2007-11-03T02:36:00",
"db": "PACKETSTORM",
"id": "60653"
},
{
"date": "2007-05-16T01:04:41",
"db": "PACKETSTORM",
"id": "56741"
},
{
"date": "2007-05-16T01:19:00",
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"date": "2007-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-22T00:00:00",
"db": "CERT/CC",
"id": "VU#739224"
},
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26051"
},
{
"date": "2018-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2007-2689"
},
{
"date": "2007-05-15T00:00:00",
"db": "BID",
"id": "86147"
},
{
"date": "2009-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001193"
},
{
"date": "2018-10-16T16:45:08.977000",
"db": "NVD",
"id": "CVE-2007-2689"
},
{
"date": "2007-06-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP content scanning systems full-width/half-width Unicode encoding bypass",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739224"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200705-309"
}
],
"trust": 0.6
}
}
VAR-200610-0162
Vulnerability from variot - Updated: 2023-12-18 11:323Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned. 3Com SS3 4400 Switch products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to retrieve potentially sensitive information. The impact of successful exploits may allow various operations on the device, including disabling ports and reconfiguring a VLAN. Note that this issue may be exploited only through the management VLAN that the affected device is connected to. Firmware versions 5.11, 6.00, and 6.10 or earlier are vulnerable.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: 3Com SuperStack 3 Switch 4400 Information Disclosure
SECUNIA ADVISORY ID: SA22818
VERIFY ADVISORY: http://secunia.com/advisories/22818/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE:
From local network
OPERATING SYSTEM: 3Com SuperStack 3 Switch 4400 Family http://secunia.com/product/450/
DESCRIPTION: A security issue has been reported in the 3Com SuperStack 3 Switch 4400 family, which can be exploited by malicious people to gain knowledge of sensitive information.
Successful exploitation requires access to the management VLAN.
SOLUTION: An update is reportedly available for customers with a software maintenance agreement or via the 3Com Partner Access site.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Andrew Brennan.
ORIGINAL ADVISORY: http://www.3com.com/securityalert/alerts/3COM-06-004.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200610-0162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "superstack 3 switch 4400",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "firmware_6.00"
},
{
"model": "superstack 3 switch 4400",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "firmware_5.11"
},
{
"model": "superstack 3 switch 4400",
"scope": "lte",
"trust": 1.0,
"vendor": "3com",
"version": "firmware_6.10"
},
{
"model": "superstack 3 switch 4400",
"scope": "eq",
"trust": 0.8,
"vendor": "3com",
"version": "firmware 5.11"
},
{
"model": "superstack 3 switch 4400",
"scope": "eq",
"trust": 0.8,
"vendor": "3com",
"version": "6.00"
},
{
"model": "superstack 3 switch 4400",
"scope": "lte",
"trust": 0.8,
"vendor": "3com",
"version": "6.10"
},
{
"model": "superstack 3 switch 4400",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "firmware_6.10"
},
{
"model": "superstack switch se",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch pwr",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch fx",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
}
],
"sources": [
{
"db": "BID",
"id": "20736"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:3com:superstack_3_switch_4400:firmware_5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:superstack_3_switch_4400:firmware_6.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:superstack_3_switch_4400:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "firmware_6.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5382"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrew Brennan is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20736"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
],
"trust": 0.9
},
"cve": "CVE-2006-5382",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-5382",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-21490",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-5382",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200610-423",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-21490",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2006-5382",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21490"
},
{
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified \"normally restricted management packets on the device\" that cause the community string to be returned. 3Com SS3 4400 Switch products are prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to retrieve potentially sensitive information. The impact of successful exploits may allow various operations on the device, including disabling ports and reconfiguring a VLAN. \nNote that this issue may be exploited only through the management VLAN that the affected device is connected to. \nFirmware versions 5.11, 6.00, and 6.10 or earlier are vulnerable. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\n3Com SuperStack 3 Switch 4400 Information Disclosure\n\nSECUNIA ADVISORY ID:\nSA22818\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22818/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nExposure of sensitive information\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\n3Com SuperStack 3 Switch 4400 Family\nhttp://secunia.com/product/450/\n\nDESCRIPTION:\nA security issue has been reported in the 3Com SuperStack 3 Switch\n4400 family, which can be exploited by malicious people to gain\nknowledge of sensitive information. \n\nSuccessful exploitation requires access to the management VLAN. \n\nSOLUTION:\nAn update is reportedly available for customers with a software\nmaintenance agreement or via the 3Com Partner Access site. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Andrew Brennan. \n\nORIGINAL ADVISORY:\nhttp://www.3com.com/securityalert/alerts/3COM-06-004.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "BID",
"id": "20736"
},
{
"db": "VULHUB",
"id": "VHN-21490"
},
{
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"db": "PACKETSTORM",
"id": "52075"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-5382",
"trust": 2.9
},
{
"db": "BID",
"id": "20736",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22818",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2006-4184",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017128",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423",
"trust": 0.7
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "29779",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-21490",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2006/4184",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2006-5382",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52075",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21490"
},
{
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"db": "BID",
"id": "20736"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "PACKETSTORM",
"id": "52075"
},
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"id": "VAR-200610-0162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-21490"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:32:10.984000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://h17007.www1.hp.com/us/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5382"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/20736"
},
{
"trust": 1.9,
"url": "http://www.3com.com/securityalert/alerts/3com-06-004.html"
},
{
"trust": 1.8,
"url": "http://securitytracker.com/id?1017128"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/22818"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2006/4184"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29779"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5382"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5382"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/4184"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/29779"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/result.jsp?selected=6\u0026sort=effdt\u0026sku=3crwe754g72-a\u0026order=desc"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/450/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22818/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-21490"
},
{
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"db": "BID",
"id": "20736"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "PACKETSTORM",
"id": "52075"
},
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-21490"
},
{
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"db": "BID",
"id": "20736"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"db": "PACKETSTORM",
"id": "52075"
},
{
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-10-25T00:00:00",
"db": "VULHUB",
"id": "VHN-21490"
},
{
"date": "2006-10-25T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"date": "2006-10-25T00:00:00",
"db": "BID",
"id": "20736"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"date": "2006-11-16T03:19:38",
"db": "PACKETSTORM",
"id": "52075"
},
{
"date": "2006-10-25T23:07:00",
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"date": "2006-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-21490"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5382"
},
{
"date": "2006-10-26T18:38:00",
"db": "BID",
"id": "20736"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001397"
},
{
"date": "2017-07-20T01:33:42.087000",
"db": "NVD",
"id": "CVE-2006-5382"
},
{
"date": "2006-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com Switch SS3 4400 Vulnerable to taking unauthorized actions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001397"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "20736"
},
{
"db": "CNNVD",
"id": "CNNVD-200610-423"
}
],
"trust": 0.9
}
}
VAR-200412-0744
Vulnerability from variot - Updated: 2023-12-18 11:25Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports. 3C17210-Us is prone to a denial-of-service vulnerability. 3Com SuperStack 3 4400 switches with firewall versions prior to 3.31 have an unspecified vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0744",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "superstack 3 switch",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "4400_se"
},
{
"model": "superstack 3 switch",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "4400"
},
{
"model": "3c17205-us",
"scope": "eq",
"trust": 1.0,
"vendor": "3com",
"version": "*"
},
{
"model": "3c17210-us",
"scope": "eq",
"trust": 1.0,
"vendor": "3com",
"version": "*"
},
{
"model": "3c17210-us",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "firmware_3.30"
},
{
"model": "3c17205-us",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "firmware_3.30"
},
{
"model": "superstack switch se",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "344003.3"
},
{
"model": "superstack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "344003.30"
},
{
"model": "3c17210-us",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3.30"
},
{
"model": "3c17205-us",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3.30"
}
],
"sources": [
{
"db": "BID",
"id": "90333"
},
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:3com:superstack_3_switch:4400:firmware_3.30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:superstack_3_switch:4400_se:firmware_3.30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:3c17205-us:*:firmware_3.30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:3c17210-us:*:firmware_3.30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2691"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "90333"
}
],
"trust": 0.3
},
"cve": "CVE-2004-2691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-11119",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2691",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-1108",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11119",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11119"
},
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports. 3C17210-Us is prone to a denial-of-service vulnerability. 3Com SuperStack 3 4400 switches with firewall versions prior to 3.31 have an unspecified vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "BID",
"id": "90333"
},
{
"db": "VULHUB",
"id": "VHN-11119"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-2691",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "7246",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11934",
"trust": 1.7
},
{
"db": "XF",
"id": "16497",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108",
"trust": 0.7
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "BID",
"id": "90333",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-11119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11119"
},
{
"db": "BID",
"id": "90333"
},
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"id": "VAR-200412-0744",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11119"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:25:56.010000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.osvdb.org/7246"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11934"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16497"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/16497"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11119"
},
{
"db": "BID",
"id": "90333"
},
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11119"
},
{
"db": "BID",
"id": "90333"
},
{
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-11119"
},
{
"date": "2004-12-31T00:00:00",
"db": "BID",
"id": "90333"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-11119"
},
{
"date": "2004-12-31T00:00:00",
"db": "BID",
"id": "90333"
},
{
"date": "2017-07-29T01:29:16.623000",
"db": "NVD",
"id": "CVE-2004-2691"
},
{
"date": "2007-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com SuperStack 3 4400 switches Denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1108"
}
],
"trust": 0.6
}
}
VAR-200412-0303
Vulnerability from variot - Updated: 2023-12-18 10:56Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. This issue is due to a failure of the application to handle anomalous network traffic. An attacker may leverage this issue to cause the affected router to crash, denying service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "3crwe754g72-a",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "1.27"
},
{
"model": "3crwe754g72-a",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "1.13"
},
{
"model": "3crwe754g72-a",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "1.24"
},
{
"model": "3crwe754g72-a",
"scope": "eq",
"trust": 1.6,
"vendor": "3com",
"version": "1.23"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.27"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.24"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.23"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.13"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "1.2.15"
}
],
"sources": [
{
"db": "BID",
"id": "11685"
},
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:3com:3crwe754g72-a:1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:3crwe754g72-a:1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:3crwe754g72-a:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:3com:3crwe754g72-a:1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The individual responsible for the discovery of this issue is currently unknown; the vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "11685"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
],
"trust": 0.9
},
"cve": "CVE-2004-2457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2457",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-816",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. This issue is due to a failure of the application to handle anomalous network traffic. \nAn attacker may leverage this issue to cause the affected router to crash, denying service to legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "BID",
"id": "11685"
}
],
"trust": 1.17
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11685",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "11839",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2004-2457",
"trust": 1.6
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "18081",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "11685"
},
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"id": "VAR-200412-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6666667
},
"last_update_date": "2023-12-18T10:56:05.592000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.osvdb.org/11839"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/11685"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18081"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18081"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026pathtype=purchase\u0026sku=3crwe754g72-a"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/result.jsp?selected=all\u0026sort=effdt\u0026order=desc\u0026sku=3crwe754g72-a"
}
],
"sources": [
{
"db": "BID",
"id": "11685"
},
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "11685"
},
{
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-16T00:00:00",
"db": "BID",
"id": "11685"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-16T00:00:00",
"db": "BID",
"id": "11685"
},
{
"date": "2017-07-11T01:31:54.873000",
"db": "NVD",
"id": "CVE-2004-2457"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router Remote Denial Of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "11685"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-816"
}
],
"trust": 0.6
}
}
VAR-200903-0061
Vulnerability from variot - Updated: 2023-12-18 10:51The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request. 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Access Point is prone to a denial-of-service vulnerability. Successfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users.
SOLUTION: Restrict network access to the web management interface.
PROVIDED AND/OR DISCOVERED BY: Brandon Shilling and r@b13$, Digital Defense, Inc. Vulnerability Research Team
ORIGINAL ADVISORY: DDIVRT-2008-14: http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064226.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200903-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless 8760 dual-radio",
"scope": null,
"trust": 1.4,
"vendor": "3com",
"version": null
},
{
"model": "wireless 8760 dual-radio",
"scope": "eq",
"trust": 1.0,
"vendor": "3com",
"version": "*"
},
{
"model": "wireless dual-radio 11a/b/g poe",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "87600"
}
],
"sources": [
{
"db": "BID",
"id": "30988"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:3com:wireless_8760_dual-radio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-6395"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brandon Shilling",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
],
"trust": 0.6
},
"cve": "CVE-2008-6395",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-6395",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-36520",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-6395",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-060",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-36520",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36520"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request. 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Access Point is prone to a denial-of-service vulnerability. \nSuccessfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users. \n\nSOLUTION:\nRestrict network access to the web management interface. \n\nPROVIDED AND/OR DISCOVERED BY:\nBrandon Shilling and r@b13$, Digital Defense, Inc. Vulnerability\nResearch Team\n\nORIGINAL ADVISORY:\nDDIVRT-2008-14:\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064226.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "BID",
"id": "30988"
},
{
"db": "VULHUB",
"id": "VHN-36520"
},
{
"db": "PACKETSTORM",
"id": "69672"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-6395",
"trust": 2.8
},
{
"db": "BID",
"id": "30988",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "31714",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020807",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900",
"trust": 0.8
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "44890",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20080902 DDIVRT-2008-14 3COM WIRELESS 8760 DUAL RADIO 11A/B/G POE ACCESS POINT MALFORMED HTTP POST DOS",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-36520",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69672",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36520"
},
{
"db": "BID",
"id": "30988"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "PACKETSTORM",
"id": "69672"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"id": "VAR-200903-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-36520"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:51:58.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://h17007.www1.hp.com/us/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-134",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-september/064226.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/30988"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020807"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31714"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44890"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6395"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-6395"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44890"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2008/sep/0058.html"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?pathtype=purchase\u0026tab=features\u0026sku=3crwe876075"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19748/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31714/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/open_positions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36520"
},
{
"db": "BID",
"id": "30988"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "PACKETSTORM",
"id": "69672"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-36520"
},
{
"db": "BID",
"id": "30988"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"db": "PACKETSTORM",
"id": "69672"
},
{
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-36520"
},
{
"date": "2008-09-02T00:00:00",
"db": "BID",
"id": "30988"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"date": "2008-09-05T20:38:51",
"db": "PACKETSTORM",
"id": "69672"
},
{
"date": "2009-03-04T17:30:02.407000",
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"date": "2008-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-36520"
},
{
"date": "2015-05-07T17:24:00",
"db": "BID",
"id": "30988"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002900"
},
{
"date": "2017-08-17T01:29:15.880000",
"db": "NVD",
"id": "CVE-2008-6395"
},
{
"date": "2009-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com Wireless 8760 Dual-Radio 11a/b/g PoE HTTP POST Request Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "30988"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "format string",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-060"
}
],
"trust": 0.6
}
}
VAR-190001-0595
Vulnerability from variot - Updated: 2022-05-17 22:46The H3C ER5100 is an enterprise-class dual-core broadband router. The H3C ER5100 Enterprise Broadband Router web management page has a verification vulnerability. Unauthorized visitors can modify, restart, and view most system configurations. The H3C ER5100 is prone to a remote authentication-bypass vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. ----------------------------------------------------------------------
Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/
TITLE: H3C ER5100 Router Web Interface Authentication Bypass Vulnerability
SECUNIA ADVISORY ID: SA44969
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44969/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44969
RELEASE DATE: 2011-06-23
DISCUSS ADVISORY: http://secunia.com/advisories/44969/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44969/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44969
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: 128bit has reported a vulnerability in H3C ER5100 Router, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an error in the authentication mechanism of the administrative web interface. This can be exploited to bypass authentication checks and gain access to the administrative interface by e.g. appending "userLogin.asp" to the URL.
SOLUTION: Restrict access to trusted hosts only.
PROVIDED AND/OR DISCOVERED BY: 128bit
ORIGINAL ADVISORY: http://www.wooyun.org/bugs/wooyun-2010-02268
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-0595",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c er5100",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c er5100",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"db": "BID",
"id": "48384"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "128bit",
"sources": [
{
"db": "BID",
"id": "48384"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
],
"trust": 0.9
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The H3C ER5100 is an enterprise-class dual-core broadband router. The H3C ER5100 Enterprise Broadband Router web management page has a verification vulnerability. Unauthorized visitors can modify, restart, and view most system configurations. The H3C ER5100 is prone to a remote authentication-bypass vulnerability. \nAttackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. ----------------------------------------------------------------------\n\n\nFrost \u0026 Sullivan 2011 Report: Secunia Vulnerability Research\n\\\"Frost \u0026 Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\\\" This is just one of the key factors that influenced Frost \u0026 Sullivan to select Secunia over other companies. \nRead the report here:\nhttp://secunia.com/products/corporate/vim/fs_request_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nH3C ER5100 Router Web Interface Authentication Bypass Vulnerability\n\nSECUNIA ADVISORY ID:\nSA44969\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44969/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44969\n\nRELEASE DATE:\n2011-06-23\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44969/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44969/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44969\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\n128bit has reported a vulnerability in H3C ER5100 Router, which can\nbe exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability is caused due to an error in the authentication\nmechanism of the administrative web interface. This can be exploited\nto bypass authentication checks and gain access to the administrative\ninterface by e.g. appending \"userLogin.asp\" to the URL. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\n128bit\n\nORIGINAL ADVISORY:\nhttp://www.wooyun.org/bugs/wooyun-2010-02268\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"db": "BID",
"id": "48384"
},
{
"db": "PACKETSTORM",
"id": "102512"
}
],
"trust": 0.9
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48384",
"trust": 1.5
},
{
"db": "WOOYUN",
"id": "WOOYUN-2010-02268",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-2399",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "44969",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "102512",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"db": "BID",
"id": "48384"
},
{
"db": "PACKETSTORM",
"id": "102512"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
]
},
"id": "VAR-190001-0595",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
}
]
},
"last_update_date": "2022-05-17T22:46:42.491000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.wooyun.org/bugs/wooyun-2010-02268http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/48384"
},
{
"trust": 0.4,
"url": "http://www.wooyun.org/bugs/wooyun-2010-02268"
},
{
"trust": 0.3,
"url": "http://www.h3c.com.cn/products___technology/products/ip_network/router/er/er5100/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/fs_request_2011/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44969/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44969/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44969"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"db": "BID",
"id": "48384"
},
{
"db": "PACKETSTORM",
"id": "102512"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"db": "BID",
"id": "48384"
},
{
"db": "PACKETSTORM",
"id": "102512"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"date": "2011-06-22T00:00:00",
"db": "BID",
"id": "48384"
},
{
"date": "2011-06-22T10:24:13",
"db": "PACKETSTORM",
"id": "102512"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2399"
},
{
"date": "2011-06-22T00:00:00",
"db": "BID",
"id": "48384"
},
{
"date": "2011-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "H3C ER5100 Authentication Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "48384"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-280"
}
],
"trust": 0.6
}
}
VAR-200902-0692
Vulnerability from variot - Updated: 2022-05-17 02:103Com OfficeConnect Wireless Cable/DSL is a small wireless router. The OfficeConnect Wireless Cable/DSL Router has a web console enabled by default for device management. Even if the http daemon does not allow access to HTML pages and web consoles without authentication, you can still call and execute existing CGI programs. System Tools-->Configuration-->Backup Configuration saves the actual configuration file to a plain text file called config.bin. Unauthenticated users can directly call the SaveCfgFile CGI program and download the configuration information, user, System configuration of sensitive information such as passwords and WIFI keys. This vulnerability can also be exploited remotely from the Internet if the Remote Administration option is enabled. The following is an example of sensitive content in the config.bin file: [...]pppoe_username=xxxxxxxxxxxxxxxpppoe_password=xxxxxxxxxpppoe_service_name=xxxxxxxxx[...]mradius_username=xxxxxxmradius_password=xxxxxxmradius_secret=xxxxxxx[...]http_username=xxxxxlogin_password=xxxxxhttp_passwd=xxxxx[.. .]AuthName=xxxxxxxAuthPassword=xxxxsnmpStatus=xxxxxxxsnmpRoCommunity=xxxxxxxxsnmpRwCommunity=xxxxxxxx[...]multi_dmz_wan_ip1=xxxxxxxxxx[...]lan_macaddr=xxxxxxxxxxxxx[...]. The 3Com OfficeConnect Wireless Cable/DSL Gateway is prone to an access-validation vulnerability because of a lack of authentication when users access specific administration applications. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. The 3Com OfficeConnect Wireless Cable/DSL Gateway firmware 1.2.0 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0692",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "officeconnect wireless 11g cable/dsl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"db": "BID",
"id": "33686"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luca Carettoni",
"sources": [
{
"db": "BID",
"id": "33686"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2009-0746",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2009-0746",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect Wireless Cable/DSL is a small wireless router. The OfficeConnect Wireless Cable/DSL Router has a web console enabled by default for device management. Even if the http daemon does not allow access to HTML pages and web consoles without authentication, you can still call and execute existing CGI programs. System Tools--\u003eConfiguration--\u003eBackup Configuration saves the actual configuration file to a plain text file called config.bin. Unauthenticated users can directly call the SaveCfgFile CGI program and download the configuration information, user, System configuration of sensitive information such as passwords and WIFI keys. This vulnerability can also be exploited remotely from the Internet if the Remote Administration option is enabled. The following is an example of sensitive content in the config.bin file: [...]pppoe_username=xxxxxxxxxxxxxxxpppoe_password=xxxxxxxxxpppoe_service_name=xxxxxxxxx[...]mradius_username=xxxxxxmradius_password=xxxxxxmradius_secret=xxxxxxx[...]http_username=xxxxxlogin_password=xxxxxhttp_passwd=xxxxx[.. .]AuthName=xxxxxxxAuthPassword=xxxxsnmpStatus=xxxxxxxsnmpRoCommunity=xxxxxxxxsnmpRwCommunity=xxxxxxxx[...]multi_dmz_wan_ip1=xxxxxxxxxx[...]lan_macaddr=xxxxxxxxxxxxx[...]. The 3Com OfficeConnect Wireless Cable/DSL Gateway is prone to an access-validation vulnerability because of a lack of authentication when users access specific administration applications. \nAttackers can exploit this issue to obtain sensitive information that may aid in further attacks. \nThe 3Com OfficeConnect Wireless Cable/DSL Gateway firmware 1.2.0 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"db": "BID",
"id": "33686"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "33686",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2009-0746",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"db": "BID",
"id": "33686"
}
]
},
"id": "VAR-200902-0692",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
}
]
},
"last_update_date": "2022-05-17T02:10:54.392000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.info/?l=bugtraq\u0026m=123420157904113\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026sku=3crwe554g72\u0026pathtype=support"
},
{
"trust": 0.3,
"url": "/archive/1/500762"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"db": "BID",
"id": "33686"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"db": "BID",
"id": "33686"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"date": "2009-02-09T00:00:00",
"db": "BID",
"id": "33686"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-0746"
},
{
"date": "2009-02-10T15:48:00",
"db": "BID",
"id": "33686"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "33686"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect Wireless Cable/DSL Router SaveCfgFile bypasses authentication vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-0746"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "33686"
}
],
"trust": 0.3
}
}
VAR-201004-0509
Vulnerability from variot - Updated: 2022-05-17 02:10The 3Com H3C SR6600 Series is a high-end multi-service router that combines high-performance forwarding, highly flexible service processing and high-density access. There is an unspecified error in the 3Com H3C SR6600 SNMP processing. A remote attacker can exploit the vulnerability to submit a malicious request to restart the device. The 3Com H3C SR6600 is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause the affected device to restart, denying service to legitimate users. ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: 3Com H3C SR6600 Series SNMP Denial of Service
SECUNIA ADVISORY ID: SA39479
VERIFY ADVISORY: http://secunia.com/advisories/39479/
DESCRIPTION: A vulnerability has been reported in 3Com H3C SR6600 Series Routers, which can be exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION: Update to Comware 5.20 Release 2419.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://support.3com.com/documents/H3C/Routers/6600/H3C_SR6600-CMW520-R2419_Release_Notes.pdf
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0509",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c sr6600",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c sr6600",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "h3c sr6600 release",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "5.202419"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com",
"sources": [
{
"db": "BID",
"id": "39659"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3Com H3C SR6600 Series is a high-end multi-service router that combines high-performance forwarding, highly flexible service processing and high-density access. There is an unspecified error in the 3Com H3C SR6600 SNMP processing. A remote attacker can exploit the vulnerability to submit a malicious request to restart the device. The 3Com H3C SR6600 is prone to a remote denial-of-service vulnerability. \nSuccessfully exploiting this issue allows remote attackers to cause the affected device to restart, denying service to legitimate users. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\n3Com H3C SR6600 Series SNMP Denial of Service\n\nSECUNIA ADVISORY ID:\nSA39479\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39479/\n\nDESCRIPTION:\nA vulnerability has been reported in 3Com H3C SR6600 Series Routers,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService). \n\nSOLUTION:\nUpdate to Comware 5.20 Release 2419. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://support.3com.com/documents/H3C/Routers/6600/H3C_SR6600-CMW520-R2419_Release_Notes.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
},
{
"db": "PACKETSTORM",
"id": "88853"
}
],
"trust": 0.9
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "39659",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "39479",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-0694",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88853",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
},
{
"db": "PACKETSTORM",
"id": "88853"
}
]
},
"id": "VAR-201004-0509",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
}
]
},
"last_update_date": "2022-05-17T02:10:05.932000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3Com H3C SR6600 SNMP Remote Denial of Service Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/327"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/39479/"
},
{
"trust": 0.4,
"url": "http://support.3com.com/documents/h3c/routers/6600/h3c_sr6600-cmw520-r2419_release_notes.pdf"
},
{
"trust": 0.3,
"url": "http://www.3com.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
},
{
"db": "PACKETSTORM",
"id": "88853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
},
{
"db": "PACKETSTORM",
"id": "88853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"date": "2010-04-23T00:00:00",
"db": "BID",
"id": "39659"
},
{
"date": "2010-04-23T06:32:24",
"db": "PACKETSTORM",
"id": "88853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"date": "2010-04-23T00:00:00",
"db": "BID",
"id": "39659"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39659"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com H3C SR6600 SNMP Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0694"
},
{
"db": "BID",
"id": "39659"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "39659"
}
],
"trust": 0.3
}
}
VAR-200410-0149
Vulnerability from variot - Updated: 2022-05-17 02:083Com OfficeConnect ADSL Wireless 11g Firewall Router is affected by an authentication bypass vulnerability; This issue is due to a failure of the device to properly validate an authenticated administrator. An attacker could leverage this issue to gain administrative access to the affective device facilitating disclosure of administrator passwords, WEP encryption keys, configuration manipulation and denial of service. It should be noted that this issue was originally reported in vulnerability report '3Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities' (BID 11422). It has been assigned its own BID as more information has been made available.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200410-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.24"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.23"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.13"
},
{
"model": "3crwe754g72-a wireless connectivity devices",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "1.27"
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this issue is credited to Cyrille Barthelemy \u003ccb-lse@ifrance.com\u003e.",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router is affected by an authentication bypass vulnerability; This issue is due to a failure of the device to properly validate an authenticated administrator.\nAn attacker could leverage this issue to gain administrative access to the affective device facilitating disclosure of administrator passwords, WEP encryption keys, configuration manipulation and denial of service.\nIt should be noted that this issue was originally reported in vulnerability report \u00273Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities\u0027 (BID 11422). It has been assigned its own BID as more information has been made available.",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11438",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"id": "VAR-200410-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6666667
},
"last_update_date": "2022-05-17T02:08:43.703000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/result.jsp?selected=6\u0026sort=effdt\u0026sku=3crwe754g72-a\u0026order=desc"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026pathtype=purchase\u0026sku=3crwe754g72-a"
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "11438"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11438"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11438"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
}
}
VAR-201004-0520
Vulnerability from variot - Updated: 2022-05-17 02:06The 3Com H3C S9500E and S12500 are next-generation core switches. When processing URLs, there are unspecified errors in the WEB entry validation provided by the 3Com H3C S9500E and S12500, and remote attackers can exploit the vulnerability to restart the device. WEB entry validation is not enabled by default. ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: 3Com H3C S9500E / S12500 Switches Denial of Service
SECUNIA ADVISORY ID: SA39513
VERIFY ADVISORY: http://secunia.com/advisories/39513/
DESCRIPTION: A vulnerability has been reported in 3Com H3C S9500E and S12500 switches, which can be exploited by malicious people to cause a DoS (Denial of Service).
SOLUTION: Update to the latest version.
H3C S9500E: Update to Comware 5.20 Release 1230P01.
H3C S12500: Update to Comware 5.20 Release 1230P01.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: 3Com: http://support.3com.com/documents/H3C/switches/9500/H3C_S9500E_CMW5.20.R1230P01_Release_Notes.pdf http://support.3com.com/documents/H3C/switches/12500/H3C_S12500_CMW5.20.R1230P01_Release_Notes.pdf
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0520",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c s9500e core routing switch",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c s12500 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "88686"
}
],
"trust": 0.1
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3Com H3C S9500E and S12500 are next-generation core switches. When processing URLs, there are unspecified errors in the WEB entry validation provided by the 3Com H3C S9500E and S12500, and remote attackers can exploit the vulnerability to restart the device. WEB entry validation is not enabled by default. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\n3Com H3C S9500E / S12500 Switches Denial of Service\n\nSECUNIA ADVISORY ID:\nSA39513\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39513/\n\nDESCRIPTION:\nA vulnerability has been reported in 3Com H3C S9500E and S12500\nswitches, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nSOLUTION:\nUpdate to the latest version. \n\nH3C S9500E:\nUpdate to Comware 5.20 Release 1230P01. \n\nH3C S12500:\nUpdate to Comware 5.20 Release 1230P01. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\n3Com:\nhttp://support.3com.com/documents/H3C/switches/9500/H3C_S9500E_CMW5.20.R1230P01_Release_Notes.pdf\nhttp://support.3com.com/documents/H3C/switches/12500/H3C_S12500_CMW5.20.R1230P01_Release_Notes.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
},
{
"db": "PACKETSTORM",
"id": "88686"
}
],
"trust": 0.63
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "39513",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-0653",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88686",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
},
{
"db": "PACKETSTORM",
"id": "88686"
}
]
},
"id": "VAR-201004-0520",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
}
]
},
"last_update_date": "2022-05-17T02:06:08.376000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3Com H3C S9500E / S12500 Switch Denial of Service Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/311"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/39513/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://support.3com.com/documents/h3c/switches/9500/h3c_s9500e_cmw5.20.r1230p01_release_notes.pdf"
},
{
"trust": 0.1,
"url": "http://support.3com.com/documents/h3c/switches/12500/h3c_s12500_cmw5.20.r1230p01_release_notes.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
},
{
"db": "PACKETSTORM",
"id": "88686"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
},
{
"db": "PACKETSTORM",
"id": "88686"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0653"
},
{
"date": "2010-04-20T06:39:58",
"db": "PACKETSTORM",
"id": "88686"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0653"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com H3C S9500E / S12500 Switch Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0653"
}
],
"trust": 0.6
}
}
VAR-200910-0380
Vulnerability from variot - Updated: 2022-05-17 02:023Com OfficeConnect ADSL Wireless 11g Firewall Router is prone to an authentication-bypass vulnerability and a remote command-execution vulnerability. An attacker can exploit these issues to gain unauthorized administrative access to the affected device or execute arbitrary commands. Successful exploits will completely compromise the device.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200910-0380",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "36722"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Fabrizi",
"sources": [
{
"db": "BID",
"id": "36722"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router is prone to an authentication-bypass vulnerability and a remote command-execution vulnerability.\nAn attacker can exploit these issues to gain unauthorized administrative access to the affected device or execute arbitrary commands. Successful exploits will completely compromise the device.",
"sources": [
{
"db": "BID",
"id": "36722"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "36722",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "36722"
}
]
},
"id": "VAR-200910-0380",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6666667
},
"last_update_date": "2022-05-17T02:02:45.731000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026sku=3crwe754g72-a\u0026pathtype=purchase"
},
{
"trust": 0.3,
"url": "/archive/1/507263"
}
],
"sources": [
{
"db": "BID",
"id": "36722"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "36722"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-19T00:00:00",
"db": "BID",
"id": "36722"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-19T19:18:00",
"db": "BID",
"id": "36722"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "36722"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Multiple Remote Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "36722"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "36722"
}
],
"trust": 0.3
}
}
VAR-200303-0128
Vulnerability from variot - Updated: 2022-05-17 02:01The 3com SuperStack II Remote Access System 1500 is a device that accesses telecommunications equipment through BRI-ISDN/analog lines. Some files in the 3com SuperStack II remote access system can be accessed without authorization. Remote attackers can use this vulnerability to obtain sensitive information about system devices. RAS 1500 only protects the download.htm file (download manager for configuration files and system software), requires HTTP BASIC authentication, and does not have any protection for system image files and configuration files. Attackers can be unauthorized. Access these files for sensitive information. Specifically, RAS 1500 devices fail to carry out authentication when requests are made for various files that may contain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "superstack ii ras",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "15002.5.0"
},
{
"model": "superstack ii ras",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"db": "BID",
"id": "7176"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discovery of this vulnerability has been credited to Piotr Chytla \u003cpch@isec.pl\u003e.",
"sources": [
{
"db": "BID",
"id": "7176"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-0844",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-0844",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3com SuperStack II Remote Access System 1500 is a device that accesses telecommunications equipment through BRI-ISDN/analog lines. Some files in the 3com SuperStack II remote access system can be accessed without authorization. Remote attackers can use this vulnerability to obtain sensitive information about system devices. RAS 1500 only protects the download.htm file (download manager for configuration files and system software), requires HTTP BASIC authentication, and does not have any protection for system image files and configuration files. Attackers can be unauthorized. Access these files for sensitive information. Specifically, RAS 1500 devices fail to carry out authentication when requests are made for various files that may contain sensitive information",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"db": "BID",
"id": "7176"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7176",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-0844",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"db": "BID",
"id": "7176"
}
]
},
"id": "VAR-200303-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
}
]
},
"last_update_date": "2022-05-17T02:01:43.240000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104852250406896\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/316043"
},
{
"trust": 0.3,
"url": "/archive/1/317222"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"db": "BID",
"id": "7176"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"db": "BID",
"id": "7176"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"date": "2003-03-24T00:00:00",
"db": "BID",
"id": "7176"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0844"
},
{
"date": "2003-03-24T00:00:00",
"db": "BID",
"id": "7176"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7176"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com SuperStack II RAS 1500 Unauthorized Remote Access Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0844"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "7176"
}
],
"trust": 0.3
}
}
VAR-200307-0049
Vulnerability from variot - Updated: 2022-05-17 02:00The 3Com 812 OfficeConnect is a widely used DSL router. 3Com 812 OfficeConnect lacks proper handling of long requests submitted by users to the management interface. Remote attackers can exploit this vulnerability to denial the device. The DSL router does not have any authentication for the user to perform management interface access. Any LAN user submits a request of more than 512 bytes to the WEB management interface, which may cause the router to crash and need to be restarted to obtain normal services. A problem in the 3Com 812 OfficeConnect has been reported that may result in the router becoming unstable. Because of this, an attacker may be able to deny service to legitimate users of the vulnerable router by submitting an excessively long request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200307-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "officeconnect dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "8122.0"
},
{
"model": "officeconnect dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "8121.1.9"
},
{
"model": "officeconnect dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "8121.1.7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"db": "BID",
"id": "8248"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to David F.Madrid.",
"sources": [
{
"db": "BID",
"id": "8248"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-2289",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-2289",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3Com 812 OfficeConnect is a widely used DSL router. 3Com 812 OfficeConnect lacks proper handling of long requests submitted by users to the management interface. Remote attackers can exploit this vulnerability to denial the device. The DSL router does not have any authentication for the user to perform management interface access. Any LAN user submits a request of more than 512 bytes to the WEB management interface, which may cause the router to crash and need to be restarted to obtain normal services. A problem in the 3Com 812 OfficeConnect has been reported that may result in the router becoming unstable. Because of this, an attacker may be able to deny service to legitimate users of the vulnerable router by submitting an excessively long request",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"db": "BID",
"id": "8248"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "8248",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-2289",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"db": "BID",
"id": "8248"
}
]
},
"id": "VAR-200307-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
}
]
},
"last_update_date": "2022-05-17T02:00:51.758000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=105897526228843\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=support\u0026pathtype=support\u0026sku=3cr414492-us"
},
{
"trust": 0.3,
"url": "/archive/1/330102"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"db": "BID",
"id": "8248"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"db": "BID",
"id": "8248"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"date": "2003-07-23T00:00:00",
"db": "BID",
"id": "8248"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-2289"
},
{
"date": "2003-07-23T00:00:00",
"db": "BID",
"id": "8248"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "8248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com DSL Router Management Interface Long Request Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-2289"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8248"
}
],
"trust": 0.3
}
}
VAR-201009-0385
Vulnerability from variot - Updated: 2022-05-17 01:56Accton-based switches are prone to a security vulnerability due to the existence of a backdoor password. Successful exploits will allow remote attackers to perform brute-force attacks and obtain the password used for HTTP, SSH, and Telnet services. The following products are vulnerable: 3Com 3812 3Com 3870 EdgeCore ES4649 Dell PowerConnect 5224 Other products from multiple vendors that re-brand Accton switches may also be affected.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201009-0385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "es4649",
"scope": "eq",
"trust": 0.3,
"vendor": "edgecore",
"version": "0"
},
{
"model": "powerconnect",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "52240"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "38700"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "38120"
}
],
"sources": [
{
"db": "BID",
"id": "42947"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Edwin Eefting",
"sources": [
{
"db": "BID",
"id": "42947"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Accton-based switches are prone to a security vulnerability due to the existence of a backdoor password.\nSuccessful exploits will allow remote attackers to perform brute-force attacks and obtain the password used for HTTP, SSH, and Telnet services.\nThe following products are vulnerable:\n3Com 3812\n3Com 3870\nEdgeCore ES4649\nDell PowerConnect 5224\nOther products from multiple vendors that re-brand Accton switches may also be affected.",
"sources": [
{
"db": "BID",
"id": "42947"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "42947",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "42947"
}
]
},
"id": "VAR-201009-0385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.675
},
"last_update_date": "2022-05-17T01:56:39.326000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/"
},
{
"trust": 0.3,
"url": "http://www.accton.com/"
},
{
"trust": 0.3,
"url": "http://dell.com"
},
{
"trust": 0.3,
"url": "www.edge-core.com"
},
{
"trust": 0.3,
"url": "http://www.attackvector.org/vendor-response-to-backdoor-in-accton-switches-post/?utm_source=feedburner\u0026utm_medium=feed\u0026utm_campaign=feed%3a+attackvector+%28attack+vector%29"
}
],
"sources": [
{
"db": "BID",
"id": "42947"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "42947"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-02T00:00:00",
"db": "BID",
"id": "42947"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-02T00:00:00",
"db": "BID",
"id": "42947"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "42947"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Accton-based Switches Backdoor Password Vulnerability",
"sources": [
{
"db": "BID",
"id": "42947"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "42947"
}
],
"trust": 0.3
}
}
VAR-201005-0432
Vulnerability from variot - Updated: 2022-05-17 01:48Multiple 3Com H3C switches have security issues, and remote attackers can exploit vulnerabilities to perform denial of service attacks on their SSH servers. An unspecified error exists in the built-in SSH server. The attacker sends a specially constructed SSH message to restart the device. Multiple 3Com H3C devices are prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause the affected device to restart, denying service to legitimate users. This issue affects the H3C S3100, Switch 4500, and Switch 4200G series of products. ----------------------------------------------------------------------
Looking for a job?
Secunia is hiring skilled researchers and talented developers.
The vulnerability is caused due to an unspecified error and can be exploited to cause an affected device to reboot by sending specially crafted SSH packets to it.
Successful exploitation requires that the device is configured as SSH server.
SOLUTION: Update to the latest versions.
H3C S3100-52P: Update to Comware 3.10 Release 1702P13.
3Com Switch 4500: Update to version 3.03.02p09
3Com Switch 4200: Update to version 3.2.4.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: 3Com H3C (LSOD09619): http://support.3com.com/documents/H3C/switches/3100/H3C_S3100-52P_CMW3.10.R1702P13_Release_Notes.pdf http://support.3com.com/documents/switches/4500/Switch_4500_V3.03.02p09_Release_Notes.pdf
3Com H3C (LSOD09646) http://support.3com.com/documents/switches/4200G/Switch_4200G_V3.02.04_Release_Notes.pdf
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201005-0432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c s3100",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c switch 4200g",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c switch",
"scope": "eq",
"trust": 0.6,
"vendor": "3com",
"version": "4500"
},
{
"model": "h3c switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "45000"
},
{
"model": "h3c switch 4200g",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
},
{
"model": "h3c s3100",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"db": "BID",
"id": "40031"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com",
"sources": [
{
"db": "BID",
"id": "40031"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple 3Com H3C switches have security issues, and remote attackers can exploit vulnerabilities to perform denial of service attacks on their SSH servers. An unspecified error exists in the built-in SSH server. The attacker sends a specially constructed SSH message to restart the device. Multiple 3Com H3C devices are prone to a remote denial-of-service vulnerability. \nSuccessfully exploiting this issue allows remote attackers to cause the affected device to restart, denying service to legitimate users. \nThis issue affects the H3C S3100, Switch 4500, and Switch 4200G series of products. ----------------------------------------------------------------------\n\n\nLooking for a job?\n\n\nSecunia is hiring skilled researchers and talented developers. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to cause an affected device to reboot by sending specially\ncrafted SSH packets to it. \n\nSuccessful exploitation requires that the device is configured as SSH\nserver. \n\nSOLUTION:\nUpdate to the latest versions. \n\nH3C S3100-52P:\nUpdate to Comware 3.10 Release 1702P13. \n\n3Com Switch 4500:\nUpdate to version 3.03.02p09\n\n3Com Switch 4200:\nUpdate to version 3.2.4. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\n3Com H3C (LSOD09619):\nhttp://support.3com.com/documents/H3C/switches/3100/H3C_S3100-52P_CMW3.10.R1702P13_Release_Notes.pdf\nhttp://support.3com.com/documents/switches/4500/Switch_4500_V3.03.02p09_Release_Notes.pdf\n\n3Com H3C (LSOD09646)\nhttp://support.3com.com/documents/switches/4200G/Switch_4200G_V3.02.04_Release_Notes.pdf\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"db": "BID",
"id": "40031"
},
{
"db": "PACKETSTORM",
"id": "89324"
}
],
"trust": 0.9
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "40031",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "39785",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-0811",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "89324",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"db": "BID",
"id": "40031"
},
{
"db": "PACKETSTORM",
"id": "89324"
}
]
},
"id": "VAR-201005-0432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
}
]
},
"last_update_date": "2022-05-17T01:48:47.283000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/39785/"
},
{
"trust": 0.4,
"url": "http://support.3com.com/documents/h3c/switches/3100/h3c_s3100-52p_cmw3.10.r1702p13_release_notes.pdf"
},
{
"trust": 0.4,
"url": "http://support.3com.com/documents/switches/4200g/switch_4200g_v3.02.04_release_notes.pdf"
},
{
"trust": 0.4,
"url": "http://support.3com.com/documents/switches/4500/switch_4500_v3.03.02p09_release_notes.pdf"
},
{
"trust": 0.3,
"url": "http://www.3com.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"db": "BID",
"id": "40031"
},
{
"db": "PACKETSTORM",
"id": "89324"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"db": "BID",
"id": "40031"
},
{
"db": "PACKETSTORM",
"id": "89324"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-05-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"date": "2010-03-29T00:00:00",
"db": "BID",
"id": "40031"
},
{
"date": "2010-05-10T13:34:45",
"db": "PACKETSTORM",
"id": "89324"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-05-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0811"
},
{
"date": "2010-05-10T19:02:00",
"db": "BID",
"id": "40031"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "40031"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple 3com H3C Device SSH Service Program Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0811"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "40031"
}
],
"trust": 0.3
}
}
VAR-201010-0444
Vulnerability from variot - Updated: 2022-05-17 01:48The 3Com H3C S3600/S3100 is an intelligent, resilient Ethernet switch designed and developed based on the IToIP concept. The 3Com H3C S3600/S3100 series switches have security vulnerabilities that allow malicious users to perform denial of service attacks. When there is an error in processing DHCP messages, submitting a specially constructed BOOTP or DHCP message without the \"Discover\" (53) option can cause the device to reset. To successfully exploit the vulnerability, DHCP sniffing needs to be enabled. ----------------------------------------------------------------------
Windows Applications Insecure Library Loading
The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/
The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected.
TITLE: 3Com H3C 3100 / 3600 Switches DHCP Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA41531
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41531
RELEASE DATE: 2010-09-30
DISCUSS ADVISORY: http://secunia.com/advisories/41531/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/41531/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=41531
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in 3Com H3C 3100 and 3600 Series switches, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is reported in the following products: * 3Com H3C S3100-EI * 3Com H3C S3600-SI * 3Com H3C S3600-EI
SOLUTION: Update to the latest version.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: 3Com (LSOD10083, LSOD10084): http://support.3com.com/documents/93010/H3C_S3600EI_CMW3.10.R1702P18_Release_Notes.pdf http://support.3com.com/documents/93010/H3C_S3100EI_CMW3.10.R2211P06_Release_Notes.pdf http://support.3com.com/documents/93010/H3C_S3600SI_CMW3.10.R1702P18_Release_Notes.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201010-0444",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h3c s3600 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
},
{
"model": "h3c s3100 series switches",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "94390"
}
],
"trust": 0.1
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3Com H3C S3600/S3100 is an intelligent, resilient Ethernet switch designed and developed based on the IToIP concept. The 3Com H3C S3600/S3100 series switches have security vulnerabilities that allow malicious users to perform denial of service attacks. When there is an error in processing DHCP messages, submitting a specially constructed BOOTP or DHCP message without the \\\"Discover\\\" (53) option can cause the device to reset. To successfully exploit the vulnerability, DHCP sniffing needs to be enabled. ----------------------------------------------------------------------\n\n\nWindows Applications Insecure Library Loading\n\nThe Official, Verified Secunia List:\nhttp://secunia.com/advisories/windows_insecure_library_loading/\n\nThe list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. \n\n\n----------------------------------------------------------------------\n\nTITLE:\n3Com H3C 3100 / 3600 Switches DHCP Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA41531\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/41531/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41531\n\nRELEASE DATE:\n2010-09-30\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/41531/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/41531/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41531\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in 3Com H3C 3100 and 3600 Series\nswitches, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nThe vulnerability is reported in the following products:\n* 3Com H3C S3100-EI\n* 3Com H3C S3600-SI\n* 3Com H3C S3600-EI\n\nSOLUTION:\nUpdate to the latest version. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\n3Com (LSOD10083, LSOD10084):\nhttp://support.3com.com/documents/93010/H3C_S3600EI_CMW3.10.R1702P18_Release_Notes.pdf\nhttp://support.3com.com/documents/93010/H3C_S3100EI_CMW3.10.R2211P06_Release_Notes.pdf\nhttp://support.3com.com/documents/93010/H3C_S3600SI_CMW3.10.R1702P18_Release_Notes.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
},
{
"db": "PACKETSTORM",
"id": "94390"
}
],
"trust": 0.63
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "41531",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-2204",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "94390",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
},
{
"db": "PACKETSTORM",
"id": "94390"
}
]
},
"id": "VAR-201010-0444",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
}
]
},
"last_update_date": "2022-05-17T01:48:45.343000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3Com H3C 3100 / 3600 Switch DHCP Denial of Service Vulnerability Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/1187"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/41531/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/41531/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://support.3com.com/documents/93010/h3c_s3600si_cmw3.10.r1702p18_release_notes.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/windows_insecure_library_loading/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://support.3com.com/documents/93010/h3c_s3600ei_cmw3.10.r1702p18_release_notes.pdf"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41531"
},
{
"trust": 0.1,
"url": "http://support.3com.com/documents/93010/h3c_s3100ei_cmw3.10.r2211p06_release_notes.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
},
{
"db": "PACKETSTORM",
"id": "94390"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
},
{
"db": "PACKETSTORM",
"id": "94390"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2204"
},
{
"date": "2010-09-30T06:25:04",
"db": "PACKETSTORM",
"id": "94390"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2204"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com H3C 3100 / 3600 Switch DHCP Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2204"
}
],
"trust": 0.6
}
}
VAR-200406-0053
Vulnerability from variot - Updated: 2022-05-17 01:463Com SuperStack Switch is a cost-effective, manageable switch from 3COM. The 3Com SuperStack switch device WEB interface has problems in handling some abnormal input. The remote attacker can exploit this vulnerability to perform a denial of service attack on the device. No detailed vulnerability details are currently available. This issue arises due to a failure of the device to handle exceptional input
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200406-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "superstack switch se",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch pwr",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch fx",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "34400.0"
},
{
"model": "superstack switch",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"db": "BID",
"id": "10601"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The individual responsible for discovery of this issue is currently unknown; the vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "10601"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2004-1803",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2004-1803",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com SuperStack Switch is a cost-effective, manageable switch from 3COM. The 3Com SuperStack switch device WEB interface has problems in handling some abnormal input. The remote attacker can exploit this vulnerability to perform a denial of service attack on the device. No detailed vulnerability details are currently available. This issue arises due to a failure of the device to handle exceptional input",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"db": "BID",
"id": "10601"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "10601",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2004-1803",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"db": "BID",
"id": "10601"
}
]
},
"id": "VAR-200406-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
}
]
},
"last_update_date": "2022-05-17T01:46:08.254000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3Com SuperStack Switch Web Remote Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/42831"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/"
},
{
"trust": 0.3,
"url": "http://csoweb4.3com.com/swups/"
}
],
"sources": [
{
"db": "BID",
"id": "10601"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"db": "BID",
"id": "10601"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"date": "2004-06-24T00:00:00",
"db": "BID",
"id": "10601"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1803"
},
{
"date": "2004-06-24T00:00:00",
"db": "BID",
"id": "10601"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "10601"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com SuperStack Switch Web Remote Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1803"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "10601"
}
],
"trust": 0.3
}
}
VAR-200410-0120
Vulnerability from variot - Updated: 2022-05-17 01:443Com OfficeConnect ADSL Wireless 11g Firewall Router is reported prone to multiple unspecified vulnerabilities. The following issues were reported: An unspecified issue affects the DHCP service. Another issue is related to displaying two duplicate login IPs. An unspecified denial of service vulnerability may allow remote attackers to restart the device. This issue occurs due to insufficient boundary checks performed by the application. 3Com OfficeConnect ADSL Wireless 11g Firewall Router firmware versions prior to 1.27 are vulnerable to these issues. **UPDATE: it should be noted that the issue described as an error in displaying two duplicate IPs has been assigned it own BID as more information has become available. Please see '3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability' (BID 11438) for more information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200410-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.24"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.23"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.13"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "1.27"
}
],
"sources": [
{
"db": "BID",
"id": "11422"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "These issues were reported by the vendor.",
"sources": [
{
"db": "BID",
"id": "11422"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router is reported prone to multiple unspecified vulnerabilities. The following issues were reported:\nAn unspecified issue affects the DHCP service.\nAnother issue is related to displaying two duplicate login IPs.\nAn unspecified denial of service vulnerability may allow remote attackers to restart the device. This issue occurs due to insufficient boundary checks performed by the application.\n3Com OfficeConnect ADSL Wireless 11g Firewall Router firmware versions prior to 1.27 are vulnerable to these issues.\n**UPDATE: it should be noted that the issue described as an error in displaying two duplicate IPs has been assigned it own BID as more information has become available. Please see \u00273Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability\u0027 (BID 11438) for more information.",
"sources": [
{
"db": "BID",
"id": "11422"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11422",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "11422"
}
]
},
"id": "VAR-200410-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6666667
},
"last_update_date": "2022-05-17T01:44:48.309000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026pathtype=purchase\u0026sku=3crwe754g72-a"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/result.jsp?selected=all\u0026sort=effdt\u0026order=desc\u0026sku=3crwe754g72-a"
}
],
"sources": [
{
"db": "BID",
"id": "11422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "11422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-15T00:00:00",
"db": "BID",
"id": "11422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-15T00:00:00",
"db": "BID",
"id": "11422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "11422"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "11422"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "11422"
}
],
"trust": 0.3
}
}
VAR-200303-0127
Vulnerability from variot - Updated: 2022-05-17 01:42The 3com SuperStack II Remote Access System 1500 is a device that accesses telecommunications equipment through BRI-ISDN/analog lines. The 3com SuperStack II remote access system handles malformed packets incorrectly, and remote attackers can exploit this vulnerability to perform denial of service attacks on devices. The attacker sends a packet with the IP option length field set to zero to the RAS 1500 system, which can cause the device to reboot and disconnect all connections. A vulnerability has been reported in the 3Com SuperStack II RAS 1500 router. The problem occurs when processing network packets containing malicious IP headers. When received, the packet may cause the router to crash
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "superstack ii ras",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"db": "BID",
"id": "7175"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discovery of this vulnerability has been credited to Piotr Chytla \u003cpch@isec.pl\u003e.",
"sources": [
{
"db": "BID",
"id": "7175"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-0845",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-0845",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3com SuperStack II Remote Access System 1500 is a device that accesses telecommunications equipment through BRI-ISDN/analog lines. The 3com SuperStack II remote access system handles malformed packets incorrectly, and remote attackers can exploit this vulnerability to perform denial of service attacks on devices. The attacker sends a packet with the IP option length field set to zero to the RAS 1500 system, which can cause the device to reboot and disconnect all connections. A vulnerability has been reported in the 3Com SuperStack II RAS 1500 router. The problem occurs when processing network packets containing malicious IP headers. When received, the packet may cause the router to crash",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"db": "BID",
"id": "7175"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7175",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-0845",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"db": "BID",
"id": "7175"
}
]
},
"id": "VAR-200303-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
}
]
},
"last_update_date": "2022-05-17T01:42:53.023000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104852250406896\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/316043"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"db": "BID",
"id": "7175"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"db": "BID",
"id": "7175"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"date": "2003-03-24T00:00:00",
"db": "BID",
"id": "7175"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0845"
},
{
"date": "2003-03-24T00:00:00",
"db": "BID",
"id": "7175"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7175"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com SuperStack II RAS 1500 Malicious IP Header Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0845"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "7175"
}
],
"trust": 0.3
}
}
VAR-200811-0451
Vulnerability from variot - Updated: 2022-05-17 01:413Com Wireless 8760 Dual-Radio 11a/b/g PoE is a wireless access router for all types of businesses. The HTTP authentication mechanism of the 3Com AP 8760 is as follows: 1. The router checks whether the credentials submitted by the user are valid. 2. If valid, the router's web interface redirects the user to a URL that is only available to authenticated administrative users. Each time an authenticated URL is accessed, no authentication data is sent in the HTTP request, including the password or session ID. The AP simply uses the administrator's source IP address as the authentication data. That is to say, the authentication status only depends on the assumption that the attacker does not know the URL after authentication and the administrator does not share the same source IP address. As long as the administrator URL is accessed from a browser with the same IP address (such as by sharing the same proxy or NAT IP address), the authentication check can be completely bypassed. If you submit a malicious request to the 3Com AP 8760 router, you may also return sensitive data, including the administrator password, on some pages. When changing the system name via SNMP, if a cross-site scripting load is injected on a page such as a login page, the administrator password can be redirected to its own site by overwriting the operational properties of the login form. Successfully exploiting these issues will allow an attacker to obtain administrative credentials, bypass security mechanisms, or run attacker-supplied HTML and script code in the context of the web administration interface. The attacker may then be able to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200811-0451",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wireless dual-radio 11a/b/g poe",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "87600"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"db": "BID",
"id": "32358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adrian Pastor of ProCheckUp Ltd",
"sources": [
{
"db": "BID",
"id": "32358"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2008-5684",
"impactScore": 7.8,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2008-5684",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com Wireless 8760 Dual-Radio 11a/b/g PoE is a wireless access router for all types of businesses. The HTTP authentication mechanism of the 3Com AP 8760 is as follows: 1. The router checks whether the credentials submitted by the user are valid. 2. If valid, the router\u0027s web interface redirects the user to a URL that is only available to authenticated administrative users. Each time an authenticated URL is accessed, no authentication data is sent in the HTTP request, including the password or session ID. The AP simply uses the administrator\u0027s source IP address as the authentication data. That is to say, the authentication status only depends on the assumption that the attacker does not know the URL after authentication and the administrator does not share the same source IP address. As long as the administrator URL is accessed from a browser with the same IP address (such as by sharing the same proxy or NAT IP address), the authentication check can be completely bypassed. If you submit a malicious request to the 3Com AP 8760 router, you may also return sensitive data, including the administrator password, on some pages. When changing the system name via SNMP, if a cross-site scripting load is injected on a page such as a login page, the administrator password can be redirected to its own site by overwriting the operational properties of the login form. \nSuccessfully exploiting these issues will allow an attacker to obtain administrative credentials, bypass security mechanisms, or run attacker-supplied HTML and script code in the context of the web administration interface. The attacker may then be able to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"db": "BID",
"id": "32358"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "32358",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2008-5684",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"db": "BID",
"id": "32358"
}
]
},
"id": "VAR-200811-0451",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
}
]
},
"last_update_date": "2022-05-17T01:41:48.159000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.info/?l=bugtraq\u0026m=122712502118280\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/498489"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?pathtype=purchase\u0026tab=features\u0026sku=3crwe876075"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"db": "BID",
"id": "32358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"db": "BID",
"id": "32358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"date": "2008-11-19T00:00:00",
"db": "BID",
"id": "32358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2008-5684"
},
{
"date": "2008-11-19T18:04:00",
"db": "BID",
"id": "32358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "32358"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com AP 8760 bypasses authentication, leaking passwords, and SNMP injection vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2008-5684"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "32358"
}
],
"trust": 0.3
}
}
VAR-202107-1865
Vulnerability from variot - Updated: 2022-05-04 10:10Founded in 1979, 3Com is an American equipment provider that provides security products, integrated voice equipment, and data network solutions for enterprises of all sizes.
3Com-OfficeConnect ADSL Wireless 11g Firewall Router has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-1865",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "3com-officeconnect adsl wireless 11g firewall router",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-43989",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2021-43989",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Founded in 1979, 3Com is an American equipment provider that provides security products, integrated voice equipment, and data network solutions for enterprises of all sizes.\n\r\n\r\n3Com-OfficeConnect ADSL Wireless 11g Firewall Router has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-43989",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"id": "VAR-202107-1865",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
],
"trust": 1.2666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"last_update_date": "2022-05-04T10:10:31.195000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-43989"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com-OfficeConnect ADSL Wireless 11g Firewall Router has weak password vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-43989"
}
],
"trust": 0.6
}
}
VAR-202106-2232
Vulnerability from variot - Updated: 2022-05-04 09:423COM is an American company that produces and sells products related to computer networks.
3COM NJ2000 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-2232",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nj2000",
"scope": null,
"trust": 0.6,
"vendor": "3com",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-32466",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2021-32466",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3COM is an American company that produces and sells products related to computer networks.\n\r\n\r\n3COM NJ2000 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-32466",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"id": "VAR-202106-2232",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"last_update_date": "2022-05-04T09:42:00.419000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-32466"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3COM NJ2000 has weak password vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32466"
}
],
"trust": 0.6
}
}