var-201704-1421
Vulnerability from variot
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product. Schneider Electric SoMachine Basic and Modicon Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The former is a programming and debugging interface for all components on the control platform; the latter is a programmable controller. An attacker could exploit the vulnerability to open and modify protected project files with Schneider's products. A remote attacker may leverage this issue to gain root access to the affected system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1421",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modicon tm221ce16r",
"scope": "eq",
"trust": 1.9,
"vendor": "schneider electric",
"version": "1.3.3.3"
},
{
"model": "somachine",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "1.4"
},
{
"model": "modicon tm221ce16r",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "somachine",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "basic software"
},
{
"model": "electric modicon tm221ce16r",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "1.3.3.3"
},
{
"model": "electric somachine basic sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "1.4"
},
{
"model": "somachine basic",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5"
},
{
"model": "somachine basic sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.4"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.1"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon tm221ce16r",
"version": "1.3.3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "somachine",
"version": "1.4"
}
],
"sources": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "BID",
"id": "97518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_tm221ce16r_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:somachine",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Simon Heming, Maik Br\u00fcggemann, Hendrik Schwartke, Ralf Spenneberg.",
"sources": [
{
"db": "BID",
"id": "97518"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7574",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7574",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-05014",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "baed19f0-f146-47b4-be70-37b627575985",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-115777",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7574",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7574",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7574",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-7574",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-05014",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-273",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-115777",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-7574",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product. Schneider Electric SoMachine Basic and Modicon Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The former is a programming and debugging interface for all components on the control platform; the latter is a programmable controller. An attacker could exploit the vulnerability to open and modify protected project files with Schneider\u0027s products. \nA remote attacker may leverage this issue to gain root access to the affected system",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7574"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "BID",
"id": "97518"
},
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "VULMON",
"id": "CVE-2017-7574"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7574",
"trust": 3.7
},
{
"db": "BID",
"id": "97518",
"trust": 3.5
},
{
"db": "SCHNEIDER",
"id": "SEVD-2017-097-01",
"trust": 1.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-103-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-05014",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056",
"trust": 0.8
},
{
"db": "IVD",
"id": "BAED19F0-F146-47B4-BE70-37B627575985",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115777",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-103-02A",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7574",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"db": "BID",
"id": "97518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"id": "VAR-201704-1421",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "VULHUB",
"id": "VHN-115777"
}
],
"trust": 1.8444444333333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
}
]
},
"last_update_date": "2024-11-23T22:01:10.532000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2017-097-01",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-01"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://os-s.net/advisories/oss-2017-02.pdf"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/97518"
},
{
"trust": 1.8,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2017-097-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-103-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7574"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7574"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/97518/info"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-103-02a"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"db": "BID",
"id": "97518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"db": "VULHUB",
"id": "VHN-115777"
},
{
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"db": "BID",
"id": "97518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-22T00:00:00",
"db": "IVD",
"id": "baed19f0-f146-47b4-be70-37b627575985"
},
{
"date": "2017-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"date": "2017-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-115777"
},
{
"date": "2017-04-06T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"date": "2017-04-06T00:00:00",
"db": "BID",
"id": "97518"
},
{
"date": "2017-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"date": "2017-04-06T21:59:00.307000",
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05014"
},
{
"date": "2017-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-115777"
},
{
"date": "2021-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7574"
},
{
"date": "2017-04-18T01:06:00",
"db": "BID",
"id": "97518"
},
{
"date": "2017-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003056"
},
{
"date": "2021-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-273"
},
{
"date": "2024-11-21T03:32:11.727000",
"db": "NVD",
"id": "CVE-2017-7574"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric SoMachine Basic and Modicon Vulnerabilities related to the use of hard-coded credentials",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003056"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-273"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.