## Summary
OpenSSL and Apache Tomcat vulnerabilities were disclosed recently, OpenSSL and Apache Tomcat are used by Rational BuildForge. Rational BuildForge has addressed the applicable CVEs.
## Vulnerability Details
**CVEID: **[**CVE-2016-1240**](<https://vulners.com/cve/CVE-2016-1240>)
**DESCRIPTION**: Apache Tomcat could allow a local attacker to gain elevated privileges on the system, caused by the exploitation of an unsafe chown command in Tomcat init script. An attacker could exploit this vulnerability to gain root privileges on the system.
CVSS Base Score: 8.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117091> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID: **[**CVE-2016-6797**](<https://vulners.com/cve/CVE-2016-6797>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
**CVEID: **[**CVE-2016-0762**](<https://vulners.com/cve/CVE-2016-0762>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[**CVE-2016-5018**](<https://vulners.com/cve/CVE-2016-5018>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
**CVEID: **[**CVE-2016-6794**](<https://vulners.com/cve/CVE-2016-6794>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[**CVE-2016-6796**](<https://vulners.com/cve/CVE-2016-6796>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
**CVEID: **[**CVE-2016-2177**](<https://vulners.com/cve/CVE-2016-2177>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[**CVE-2016-2178**](<https://vulners.com/cve/CVE-2016-2178>)
**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[**CVE-2016-6306**](<https://vulners.com/cve/CVE-2016-6306>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[**CVE-2016-6302**](<https://vulners.com/cve/CVE-2016-6302>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[**CVE-2016-6304**](<https://vulners.com/cve/CVE-2016-6304>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[**CVE-2016-6303**](<https://vulners.com/cve/CVE-2016-6303>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[**CVE-2016-2182**](<https://vulners.com/cve/CVE-2016-2182>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
**CVEID: **[**CVE-2016-2180**](<https://vulners.com/cve/CVE-2016-2180>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[**CVE-2016-2181**](<https://vulners.com/cve/CVE-2016-2181>)
**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[**CVE-2016-2183**](<https://vulners.com/cve/CVE-2016-2183>)
**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[**CVE-2016-6325**](<https://vulners.com/cve/CVE-2016-6325>)
**DESCRIPTION**: Red Hat Enterprise Linux, JBoss Web Server and JBoss EWS could allow a local attacker to gain elevated privileges on the system, caused by the installation of /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf configuration files with insecure permissions by the Tomcat package. An attacker could exploit this vulnerability using membership in the Tomcat group to gain elevated privileges on the system.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117859> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
**CVEID: **[**CVE-2016-5425**](<https://vulners.com/cve/CVE-2016-5425>)
**DESCRIPTION**: Multiple Apache Tomcat packages on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions could allow a local attacker to gain elevated privileges on the system, caused by the installation of the /user/lib/tmpfiles.d/tomcat.conf configuration file with insecure permissions. An attacker could exploit this vulnerability using the systemd-tmpfiles service to gain root privileges on the system.
CVSS Base Score: 8.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117580> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID: **[**CVE-2016-6816**](<https://vulners.com/cve/CVE-2016-6816>)
**DESCRIPTION**: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information.
CVSS Base Score: 6.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119158> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[**CVE-2016-6817**](<https://vulners.com/cve/CVE-2016-6817>)
**DESCRIPTION**: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119156> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[**CVE-2016-8735**](<https://vulners.com/cve/CVE-2016-8735>)
**DESCRIPTION**: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 7.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119157> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
## Affected Products and Versions
BuildForge v8.0 - 8.0.0.4
## Remediation/Fixes
[BuildForge 8.0.0.4 iFix1](<http://download4.boulder.ibm.com/sar/CMA/RAA/06n2y/0/8004ifix1.zip>)
## Workarounds and Mitigations
NONE
##
{"id": "DA78D22BE98AAE3FAE7595498C22303F728B4F1A787F6AA2950D1A2B51579024", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin:Vulnerabilities in Apache Tomcat and OpenSSL affect Rational BuildForge", "description": "## Summary\n\nOpenSSL and Apache Tomcat vulnerabilities were disclosed recently, OpenSSL and Apache Tomcat are used by Rational BuildForge. Rational BuildForge has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID: **[**CVE-2016-1240**](<https://vulners.com/cve/CVE-2016-1240>) \n**DESCRIPTION**: Apache Tomcat could allow a local attacker to gain elevated privileges on the system, caused by the exploitation of an unsafe chown command in Tomcat init script. An attacker could exploit this vulnerability to gain root privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117091> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[**CVE-2016-6797**](<https://vulners.com/cve/CVE-2016-6797>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n \n**CVEID: **[**CVE-2016-0762**](<https://vulners.com/cve/CVE-2016-0762>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n \n**CVEID: **[**CVE-2016-5018**](<https://vulners.com/cve/CVE-2016-5018>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n \n**CVEID: **[**CVE-2016-6794**](<https://vulners.com/cve/CVE-2016-6794>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n \n**CVEID: **[**CVE-2016-6796**](<https://vulners.com/cve/CVE-2016-6796>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n \n**CVEID: **[**CVE-2016-2177**](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n \n**CVEID: **[**CVE-2016-2178**](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n \n**CVEID: **[**CVE-2016-6306**](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n \n**CVEID: **[**CVE-2016-6302**](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n \n**CVEID: **[**CVE-2016-6304**](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n \n**CVEID: **[**CVE-2016-6303**](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n \n**CVEID: **[**CVE-2016-2182**](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n \n**CVEID: **[**CVE-2016-2180**](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n \n**CVEID: **[**CVE-2016-2181**](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n \n**CVEID: **[**CVE-2016-2183**](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[**CVE-2016-6325**](<https://vulners.com/cve/CVE-2016-6325>) \n**DESCRIPTION**: Red Hat Enterprise Linux, JBoss Web Server and JBoss EWS could allow a local attacker to gain elevated privileges on the system, caused by the installation of /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf configuration files with insecure permissions by the Tomcat package. An attacker could exploit this vulnerability using membership in the Tomcat group to gain elevated privileges on the system. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117859> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[**CVE-2016-5425**](<https://vulners.com/cve/CVE-2016-5425>) \n**DESCRIPTION**: Multiple Apache Tomcat packages on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions could allow a local attacker to gain elevated privileges on the system, caused by the installation of the /user/lib/tmpfiles.d/tomcat.conf configuration file with insecure permissions. An attacker could exploit this vulnerability using the systemd-tmpfiles service to gain root privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117580> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n \n**CVEID: **[**CVE-2016-6816**](<https://vulners.com/cve/CVE-2016-6816>) \n**DESCRIPTION**: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119158> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n \n**CVEID: **[**CVE-2016-6817**](<https://vulners.com/cve/CVE-2016-6817>) \n**DESCRIPTION**: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119156> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n \n**CVEID: **[**CVE-2016-8735**](<https://vulners.com/cve/CVE-2016-8735>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119157> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nBuildForge v8.0 - 8.0.0.4\n\n## Remediation/Fixes\n\n[BuildForge 8.0.0.4 iFix1](<http://download4.boulder.ibm.com/sar/CMA/RAA/06n2y/0/8004ifix1.zip>)\n\n## Workarounds and Mitigations\n\nNONE\n\n## ", "published": "2018-06-17T05:18:07", "modified": "2018-06-17T05:18:07", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/287125", "reporter": "IBM", "references": [], "cvelist": ["CVE-2016-0762", "CVE-2016-1240", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-5018", "CVE-2016-5425", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735"], "immutableFields": [], "lastseen": "2023-02-21T01:48:36", "viewCount": 3, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["JAVA_JAN2017_ADVISORY.ASC", "OPENSSL_ADVISORY21.ASC"]}, {"type": "altlinux", "idList": ["A313619150234C546790730041B628B1"]}, {"type": "amazon", "idList": ["ALAS-2016-749", "ALAS-2016-755", "ALAS-2016-764", "ALAS-2016-776", "ALAS-2016-777", "ALAS-2016-778", "ALAS-2017-791", "ALAS-2017-797", "ALAS-2017-810"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-2182"]}, {"type": "androidsecurity", "idList": ["ANDROID:2017-03-01"]}, {"type": "apple", "idList": ["APPLE:F15BAD0991243C5F3BD7A363EA796E0C", "APPLE:HT207423"]}, {"type": "archlinux", "idList": ["ASA-201609-23", "ASA-201609-24", "ASA-201611-22"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-64394", "ATLASSIAN:JRASERVER-65102", "JRASERVER-64394", "JRASERVER-65102"]}, {"type": "attackerkb", "idList": ["AKB:9AB03E2E-596C-490F-8DCB-1A41D344A5AD"]}, {"type": "centos", "idList": ["CESA-2016:1940", "CESA-2016:2045", "CESA-2016:2046", "CESA-2017:0180", "CESA-2017:0269", "CESA-2017:0527", "CESA-2017:0935", "CESA-2017:2247", "CESA-2018:2123"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2016-0821", "CPAI-2016-0822", "CPAI-2016-0968"]}, {"type": "cisco", "idList": ["CISCO-SA-20160927-OPENSSL"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:387B2BBB51760E1FFD4562D4008446F7", "CFOUNDRY:5C300E479531E65B86D1CE2C330F61A9", "CFOUNDRY:927660022E9A31CE680A6AE3AFF33997"]}, {"type": "cve", "idList": ["CVE-2016-0762", "CVE-2016-1240", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-5018", "CVE-2016-5425", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735", "CVE-2017-6056", "CVE-2023-0296"]}, {"type": "debian", "idList": ["DEBIAN:DLA-622-1:61A2B", "DEBIAN:DLA-622-1:AA05E", "DEBIAN:DLA-623-1:731F0", "DEBIAN:DLA-623-1:9251E", "DEBIAN:DLA-637-1:F8314", "DEBIAN:DLA-728-1:A9D65", "DEBIAN:DLA-728-1:ECD0E", "DEBIAN:DLA-729-1:1B0B9", "DEBIAN:DLA-729-1:E931B", "DEBIAN:DLA-746-1:64FA3", "DEBIAN:DLA-746-1:A270A", "DEBIAN:DLA-746-2:0504B", "DEBIAN:DLA-746-2:CEF95", "DEBIAN:DLA-753-1:4DD3E", "DEBIAN:DLA-753-1:C31B7", "DEBIAN:DLA-779-1:56F21", "DEBIAN:DLA-779-1:8029E", "DEBIAN:DSA-3669-1:CFB19", "DEBIAN:DSA-3670-1:7364A", "DEBIAN:DSA-3673-1:477A4", "DEBIAN:DSA-3673-2:ACCEF", "DEBIAN:DSA-3673-2:FD8F0", "DEBIAN:DSA-3720-1:0F2C1", "DEBIAN:DSA-3720-1:B5B38", "DEBIAN:DSA-3721-1:2B54A", "DEBIAN:DSA-3721-1:8336F", "DEBIAN:DSA-3738-1:66970", "DEBIAN:DSA-3738-1:EB221", "DEBIAN:DSA-3739-1:06429", "DEBIAN:DSA-3739-1:1BDAB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-0762", "DEBIANCVE:CVE-2016-1240", "DEBIANCVE:CVE-2016-2177", "DEBIANCVE:CVE-2016-2178", "DEBIANCVE:CVE-2016-2180", "DEBIANCVE:CVE-2016-2181", "DEBIANCVE:CVE-2016-2182", "DEBIANCVE:CVE-2016-5018", "DEBIANCVE:CVE-2016-5425", "DEBIANCVE:CVE-2016-6302", "DEBIANCVE:CVE-2016-6303", "DEBIANCVE:CVE-2016-6304", "DEBIANCVE:CVE-2016-6306", "DEBIANCVE:CVE-2016-6325", "DEBIANCVE:CVE-2016-6794", "DEBIANCVE:CVE-2016-6796", "DEBIANCVE:CVE-2016-6797", "DEBIANCVE:CVE-2016-6816", "DEBIANCVE:CVE-2016-6817", "DEBIANCVE:CVE-2016-8735", "DEBIANCVE:CVE-2017-6056"]}, {"type": "exploitdb", "idList": ["EDB-ID:40450", "EDB-ID:40488", "EDB-ID:47892"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:069C31B8DD5A351921E96252215466D8", "EXPLOITPACK:093A394113BB59F99F2891210E4279F0", "EXPLOITPACK:1B5B3B594F0BEB22BF053920EF4C7307", "EXPLOITPACK:1FA29992905DF6DC8A86680F66930B75", "EXPLOITPACK:3168D2153C7D83509BF8B05BB17AF9F0"]}, {"type": "f5", "idList": ["F5:K01276005", "F5:K02652550", "F5:K13167034", "F5:K23873366", "F5:K35543324", "F5:K36302720", "F5:K36784855", "F5:K37337112", "F5:K49160100", "F5:K49820145", "F5:K50116122", "F5:K53084033", "F5:K54211024", "F5:K59298921", "F5:K61414056", "F5:K65230547", "F5:K70844615", "F5:K73644551", "F5:K90492697", "SOL01276005", "SOL02652550", "SOL09422508", "SOL13167034", "SOL22071504", "SOL23873366", "SOL35543324", "SOL36302720", "SOL36784855", "SOL49160100", "SOL49820145", "SOL50116122", "SOL54211024", "SOL61414056", "SOL65230547", "SOL73644551", "SOL90492697"]}, {"type": "fedora", "idList": ["FEDORA:125286087B00", "FEDORA:1472760748FE", "FEDORA:1DA54604D2A3", "FEDORA:2C5E66075D89", "FEDORA:4EA2C604D2D3", "FEDORA:7E8A66075F16", "FEDORA:8CEB2616D980", "FEDORA:C6B3F60776BE", "FEDORA:D917260C7478"]}, {"type": "fortinet", "idList": ["FG-IR-16-048", "FG-IR-17-173"]}, {"type": "freebsd", "idList": ["0B9AF110-D529-11E6-AE1B-002590263BF5", "0CA24682-3F03-11E6-B3C8-14DAE9D210B8", "3AE106E2-D521-11E6-AE1B-002590263BF5", "43EAA656-80BC-11E6-BF52-B499BAEBFEAF", "6F0529E2-2E82-11E6-B2EC-B499BAEBFEAF"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-16:26.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201612-16", "GLSA-201701-65", "GLSA-201705-09", "GLSA-201707-01"]}, {"type": "github", "idList": ["GHSA-2RVF-329F-P99G", "GHSA-4V3G-G84W-HV7R", "GHSA-698C-2X4J-G9GQ", "GHSA-JC7P-5R39-9477", "GHSA-Q6X7-F33R-3WXX", "GHSA-WXCP-F2C8-X6XV"]}, {"type": "hackerone", "idList": ["H1:1271701", "H1:142472", "H1:199436", "H1:199438", "H1:199445", "H1:207404", "H1:207457", "H1:216840", "H1:217431", "H1:221785", "H1:221787", "H1:221788", "H1:221789", "H1:221790", "H1:244459", "H1:648434"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20170322-01-OPENSSL"]}, {"type": "ibm", "idList": ["007E4732B5C858D68314FCBC681F238D11A80EC2685E0C320CE28F1D80CB4ECA", "00C392F80C93B9FD9D5E530029FDB643360FA8C14DBEEED32C8359B1CA0E28A9", "017198847549473B2F1109F9F4CE4C76950F186E9BE5A4FEADE9746A60AB9F69", "029AA49A507A723A5E4C56429FB5A19F84FFBFB3D81F702E5C7D95F238C49FAF", "04CCD85F205DB5AE3B48DF024CA31C67FF8428AFCAA4F57505358014C07CB875", "04EED2117E1687EB241C7ABC5CB11968429DE85CA86DBFFC8AA9194D5653A8C9", "059BFBBD8CB8F92E03748427F677CBE26E890BA80C56429CEEE0842DFE7AAD52", "05E850F4BA5E54B59E8E6813ED22A9D63AE8E31513D1E4B83D19B9435602D398", "09BC2064F811FC94E18ED98B95A8F98471F59FB9C9B4214342140B11920367AE", "0BB0F39865741AB9E1AFB9CA3C5508F7FB9BEACECB805F04C6C6B336AA66617E", "0C1A8A8F899BAD393CEAEFB362E8BA638024D8C0B7B920D545CE843E1DAA23DC", "0C4F91C9AA7E146EDA1AA877B92C4C590E445AC7D2AC0E60ECCE4BA77A47F0EB", "0CB9447A86F4E057E6BCCE438A998B8AC6A17C94584F25C62A55D07D5D528CE3", "0DA16010754F6A3A66E6070FF741D701A7AD021EAE93340A6584612005BFDA0C", "0EDBD09066818302150073FA499E426B9E1E957BDBE65933BB41C32EAC61E483", "0EE17D440C828A2F1F3F9C3FDE6036B28E45371AB043D8D00888155801644813", "0F66A0EBF2BB354FEE49365A0BFF63BC3375F7D75B03AEC0D3A10E90CC949472", "11A86E6641297DAF1F727CB55B1F67C48A1B3D5E2E1EF8DAADBD7B84B7DAA777", "1381DDC2EB11D20FD35FD5133E3BDD2833703D883F98CAA012F0CFBF823F4A6D", "142CC78D456D60E4C1854BC0E93F8802FF4122A7CF6BFD85E457671E02B96A45", "178E9B6BDE18143A8F85AA25AD187AF0AE68FA979A81CAFC5F1D360B4174898F", "17C5F79C4C7AA38B0382C6A83D3B5EB17A334C042A875A99DDFEE93B8FCB82B0", "191ED0FC710CC29D37F2021F055C5B6E215B0D429C955179B8D16255149183CC", "1B2DCE61952BC751A0A03EA7E17596B9EB37FF0F00BB308BB9D09896E591D7E1", "1BFF63EB8AF39056E08427B06D34E43B32E43FBCC74FB2A85F32E708984FD60F", "1C7571B870C8E0F53BD1021F740C140F42C5E17DC0CF9E67A9EA518C91C58FE9", "21291E7103EF813617AD5162F9C81594AEA73B724194E64B80D67B6DDB05F469", "233226C0332001C81596C237819F64BB35F4B49297346F216B4DC90C72D26485", "25A108BB00669C6AFB7F493C12E44D6EEF88BF241A2EA038F40197F15B5975F3", "26CE7C1AAFA750AEA550E154567083BB107029164FBC8A538FD7AE568423A32C", "2747E3830DAF51B2780DB9863A2F1C153F8615DBA44A0B3E6AC2214663DF92F9", "28A18420E3649FDF858FD17E31DB05BBDD69C54F5D7556386C5774F6FC5E065D", "28F09F928D8A64947630E0341FDF6E6F1981E04939D0DE4237070C2BDEC2DDA7", "28F0B5CF7BC3DF04CC0364751D4F7FE6AD2A3C13D4AB2983EE89EA3F190062DB", "2B78C28C58CA4403F484741442315FDFB10F5CC97721D16541A7CEA0165B8942", "2D09370BF63380E5E37DA1E8FB27AD00A3CDFF81E6CB708DD97920A5020FAA74", "2E9BC1AFBA9F34E20E313BA5B8B5B6C1AEEC0E8F6EC0B353125AA17460789A62", "2F16303A6714ED6245EB041C18095D82C87D626C125467F6110490A6D850FA20", "3048CBA7FDCF53E63595104F24F428E3014DB1EE5B3AE7E450E0E0C06E5736BB", "309C257881EC1B262C362A51A26ED2456552A2DE0687635F17746EA2BB9A63D6", "30B97F976830F38EC78A601AC4AF08E5E915E3601910C6A37C3824A2F36E31B8", "328EA4EC6B75924B9BAF1379828755E57421F5DD51277D579C2833A7289B6F85", "3410E09FDCBC57E565C72083D3A630854D64B8490C9907FC7A07113F787F18CE", "356FE57EA65A13321D1E838C9735B06928F0572E0C6AB0955DE122FCE0F71789", "362D62C684CC4EC1C14D4239144C432AC6F62E6231DC7416F6DEB9B4ED0F1853", "380CCDF94F63E9411CB17899AD61C96C46F6EEF9CF6D334DF2C4AC51A8FD2C67", "38458D3770070EAF0DF6F2EB778DE85F403B99890EB0B69F4B9333DB4492B9FB", "3899BD4528C3DED11372760AAF676C3C87D98D5142D95E7CEE23A06644E3B197", "39C9A1E43EB70658FE71D01538582B5D0389F6360A624E0B8B800D6692A15BC0", "3D6246498CACCFF52D92DB28CC2A02DAA7ACB4972B156DE4B6CB298BFF2A769E", "3F02DA1DC04A6C658BCF965E5FB3FFCC64EB1D7D66FB0A8038636EF62D559250", "411DE209066A00259E38D292C22264C2EDA3B961B523920D589433F42FB534BC", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "42D646B79963AF25FA8B3CA92924FF944D6CEFEE6BB53EA1B494E00FCE0E6877", "42DE03BFB60C7C03EC762C5A65E3D234775F9BF3F573DA84DD08CF37B63769A5", "449F34AAD10DD9765AEBD2663CC16B31AA5D35B533E921970DCB2DD9DF361C47", "47991D9067F3E8EA600E55446199432814A0D6200FFC38923B70F21CE2691318", "48F6840AC0A3A2A5DC3EB8D7F47480AADAE22C3CEDA66C7B389CD292BC042BFC", "4A2C5224A5D45C6378C117215B6377F5D1277DE19E121950C3A6023758C715BC", "4A5BA6F806D70D220D317E2FD1565C67DD9D79F0CCCC6F2EE1DF9D7FEAB9A24F", "4CB5AEEB4566C85CB97CB5F4470481A16D1ECBA93395EFF72D6B83CAA77AD1F6", "4D46555CC0823FE00CE69BB661E3C164ECC9C67FF1657E99090AA350CB0CD0FB", "4D5E32921B9FDA0BABDB9FC856CA2C16B6015205472E4B5A027576A1AC49A0F6", "4DCD65078718A8D516F2EEE878B45FE5D131D6C4D4010E935F3E6A750A6D9BB3", "4E0EFF0D013B3FFE7E5660259848A887BD9155BA19EF19DA0730D3AB081E99C4", "4E2827C7B66E5750B0EA21231A352254C3192453528CBEDD0F4F230B934557F2", "51AB1F7F50AE2546674F97D246115890E30F6672B86D6D523810D29C5BAE0D62", "52BCF84201CEBA012FEF5D806CBEB019BE40DA44E167DE103878B677EE8CAFAB", "5429E38F465E299C92AC7DD86F130BA87C6D67982845432134DB7C6219AD5893", "55156FCD842A2CC421648C286DB79335E98E88FF88D30BADC857588FB7995139", "552CCD91DA9A5C1B6B08BED8115E70317A59E9D05C357D2E72183BB05B7E0CE8", "554CE60D81502C7A54AA5DB43B8510FE85C857B252F4973C772C5F8C14862371", "55525A5AB54D0FA4DF8FA8BD6DC8E03E586A11FBFBE9E5EA61E7B15171D0178E", "55CEBB9E20A58983B23E3C229BF737495693CC60EFC2B16F3EF9E573880A87C2", "55DACA18AFE52B9657ED6763ECD6310E15A2B6AF470F5EA9C7BA6E971FD15B5B", "55F8F21346EDEA63D23DEC5EBB44C524EAAD84D3EF679B21A46A79265F3AEF5D", "55FA67BCBAA6733CED0D492F89AF1B40789BC45C04CD857041D7C44A7C56ED1E", "56F2525873CB26E2DB226CC8119EE30731A25D91BAA62D20D78A2A86FFDEB7F2", "57AD0C0FC8A00BEEF6E1F3C8A1E152181FB65DFF630150E0DA7D2BBD63A52DB2", "57CBD94F97013E208754F9AF764D3D11B1DD38D12A2436EA761D2BBFEB325C9A", "5A4497FC8A1B4A4FC9C09908B1EFA8D43A8880EF7525348AC636055A78F1D24C", "5A5125564C5E6100B8631DC69D64BB29F15CFE14C3E6A31A6DF6AD6E3808314A", "5A8825AD62C7A9668D229174BBF47E909FDDC63BC31C38BE196932E629C1F298", "5C7923D63FE9E28C3232FA5E48C042DF1DAAEFFA269010E68C9B0664FF539864", "5D4F062A535B083DCAFE40C555463FDC20B044731A77B663E5157BF58509D9D9", "61017E9A33F2AF48C2143A4F8C20339857CDCE271B93772622C33DFBADFDEC1E", "6390A51C827FA9826D05D6F22A5DB62BFFC9752CF836C6B898D5F5BEA5C44130", "66015684C1166B9AFC7A09E01337D5D9FE20EF8B62A13053D95EA5EAE5B3DB9B", "661038D02866F33EB6B87BA93B6392F175A00BE95B7EEE223493C4967AEE22D5", "67C80EFFE11B1AC1B2BC370071FDC07472E419E70A224CB705FF75FD6834928B", "690D239C58B9390FCF645AFD52B371B51B1030E1E9C92B0826778C4F0564517B", "6AC3D160EBC9B7B2A7A56866F588F05DBD295AB4AE46EB1CD3A574DC726F9423", "6BA7119E438195193182006EE07A8361B9555CA549522A22F76B70DEC940EE67", "6BF8F8C90E715B9A143845523172F62A58B1115933F9F9D53ECEE1B15908CAA2", "6C0F44079202A6A29F40AF9312C9BF35D7AB32AC9A43F7E92F1C25DAD4A35A55", "6C107A2A52C3CB8C7043BF560ADFEC6B0BE2520229D91A88B3B29AD9C90B1F84", "6C7AB1012C7AEA493F61B3F3AE6FBBA52E283C9CF0A9AF85B280B9CA9D04A3EC", "6D6FD3B17FF4E3AEC7C3300A59DF811D1AEFB71253A1B03A9B6D6569C666112F", "6F924CE97EAF01A558CD93CA2DE0592B84A0D2E46A023162677BE3BBE85AE3DC", "6F9B3E5D97FDBB41059AA8C4DDC3F8C6E337642756FF537C16A61C7599D523B9", "70549CC4BB1FA3369F5BC1EF01770F5CF2D9642AA2B34DE63805694D06A895CC", "70F04B9A5CE3FFBC33D36A32D999163F5334E04B121B116CCEE525F5C79AD71C", "74C131424177C4CF6AB6651DDB44D29A469C829765AFB2DE36CEB42B84675139", "775B57CB49BD54DD08F0B362C9B1350CE27111393E547386D47B85F4B30A09B9", "77FA959464E77CD2D3FEC090679425661D222D831CF3B1C6F715597D8077C55E", "7925A4A82073B74561DC5D50CF078A50AF6B99A79615D52B72210290EF21A39B", "79D11DDE94D9454365E3AA1412CDBD1A1B8D034E0320882C3AEA0F3D08C2ADD1", "79D43D17D2A976B2C3047912D4E3D7E3AD0E022693AF7355F8D1FB356A1EBD7E", "7A2D893F2FE7F77348033ABAB887687C87DB87D5D3A49EEC764B9B3146F2E94A", "7B9378AF248D940D0788A96824FAE025D12FC25C048224709857F9A129B7215F", "7C630DEEF9C025461097DE30AF143B45E948D8E848AEF027D365F38629529B0E", "7D29B4909C6BF3ADF472798B711970B396D8FD474F784096D0CD51E0C3DE6E56", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "809E4CF694B5B95B122BBA4091FD01DB408F612E91FB12D54920A9623768E6BA", "80C91CA022F79ACDEA0423AEF5701D511D848F98F4A10883EBD87E5B940F4449", "818D64FAB138724C60F014197EF2ABD600F61BDB47F446BB8AEED6AE2402076B", "83949293D531C3BC38D05B8E11F73860AE63D675A7ACD0FBACD46879F7DFA117", "84136D96DA7036EE5B9C3BE96A193173114E760A0B04831983D99C82317AF481", "843A643E29100FE80A1F85E4177BC532FD3AAA0F456EED8DC57146873CD867A7", "8575D8248B9DA38940B8C0CCB82D1E07AFCED1CC97BE2C46A21CC51F08DEC7BC", "858FB8E97369CD4DDF4CD784282A9BBA036EEA4C10CBA1596C7F829494127C80", "85D99759D6DDD213709202E4F55212241CF73C31554DD57FB2F87409A7B0DFE1", "85F4F9ABC26A141EA4CBD424EA8C33FAF00DCF970AA42D90F5EC572561A224B5", "88434B8A216FA4E9A7EDA68EE4211C8B663C7638A841826D77EA59C924786031", "88AB81EF4773044E57A4B0519932B93A44584B2D567DE41B65A3D966948BD2BB", "89FB1F6DCB93BD46FCFDD81C133FAF99D78B130334B30CD3B4040684BCED2BBD", "8A400BB6A99E8B90EEAFDEAC498275CFF269AF50ED449DD7602246B8F3C6CA90", "8B63CFAEEABC51DC97E6B89A9AA28B270B382B437AB0F2E9355DD73EA1589106", "8DC736DE56FAB6587FE3F3374A135C46A0E7ED405164BCFB17F0C06DF2FA350A", "8F63BC3CF4FFE8E56809705C71F9763152D76451EDAADBD199902983B8AC2975", "8FFB1FB8D45E5C03E45C30E41196BCE576C4E549211454B380BB582B3643A6C9", "9214CE38F1DD3B6CCA3C0A0D3903A565EF865C916F6409B27D0CB5862470E985", "93AB36DA337BD0948599C903BE961AACA714BA542798E8A1A52B5604155A59E7", "961139FFD2A7555D87242445D2488D9D7726066A578A2CDCB1D89E393344E30D", "97CF77A702900BA77E968389309024695F5A4B413BCB706E68F012C99DB07821", "98FBC29C8A3721BDF3BD24351FB4EDFE39F3D687293733385EB60C6187F38E27", "996F645DC3B49CC7398E4C90C384D03751E395B6523F4594A6FC7F1B1941A5FA", "9CC05BC9AAF90AC9A35EC7A7CEE6806A4960FEA9D45AFD554B0BCC73294A38C3", "9FFD672388E3FD39EB2F7A51F8EA5C6593FD9BB5CBCF7E347F42124D11DA676C", "A0863CA5D5484ACA86A919293340C73A404BFFC99B98DF8E4D5C2BA4EFD49938", "A20DD20D95C60578C655644D1A8A4C9E587B5A7916261AE7A525E0C7B766C3AC", "A228DCB694CAC8220E8E2A0506C4BA75BC3542B483B96F88329D683D29298312", "A4A418292F5C5C8C80C46DB9A7FF897A7DB5320DB9C8485519CA65DBA2E6C7C7", "A4F052050E4B3F587B7183D9FC910B303A3AE883F2DC83385E6EEA13376742FD", "A7E7A98C18A437DD59F5F1F10B7CE5B2BFBACAE3F6E564B5B4F9B2226C989CA5", "A9B346426D7E045BF1AFCAA04855729B0A1174B2DAF2F97666408FD0C01D4B12", "A9C254F86614D2334E5A1624EEBD7497A5FA74BEC3159FA2530927B6C4A89585", "AAF2444D3693DEED732DDA3749D3E19CD9BC8EC4BAA8F06BE89546470C973EEB", "AB8332BB49251697A40C4A181070CC821286458CE2114BD526688971705EBC0B", "AB91AC52CDF597E93AF79DE0C8F08E926367250FBDE0DB3DAF33556D0061634A", "AB9BF82645A26195B7E3A2A88C35E5D4BA1E45784589233A145CB109453CED5E", "AD89222617F895F6A68483970725D63E3E250AD136E5FC669CD376901654FE99", "AED3A66493C3939E184C67E808AAD3B5C01A31398E8573966247517E35DC5A65", "AF9FD56EA5BF3F5BCB57F75A6AE54511504240DA00654FA57F2B5BA41E8F0751", "B0917B9B05986D5C57AFA7D61D59DB3AC46BF8A66810DCCC331CD59E3A0CC975", "B192A38BFCB65C485CB834810BC072C9ED521B788476FAD8E67C2FE9EE26ACC2", "B1C96325B356B6322CE436FE75F350F9005DF2C5631508657564896656251B8B", "B2AE7BE38BB1D2FC6DC76887E9BF5080C8D6B44046C99122689E3A914F443661", "B2B869E92E2C0B24C8D4ECF615EFC9ECCD16AE763051DCDFC50A28156E3A511F", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B36A668C28C4D760F6B565A18CA1708BA647B0486720FF7FEE833AC59F8D4800", "B3A5EDE44ABC6245B8E4A7EF9AB8315E98A883E3DDBD174C990FBC7555AC967D", "B49C4446E6FB71C3C0944852AB81096006AD85BA0DF0C93938657176A22CBD9E", "B5810DD31544DECD338CCD71F5C05C78B267068FE3FD01928B5545B05BEE5FA0", "B6E330D558AEA3A63E5B06D47046243959B8C2B20BA7866AAE3FA6E59F30BEB1", "B7F4D2883D13C31A6534DD4AF564AE15525F392CFEBE754984BDF499D627BDEC", "B8AFBDF45AEF0460886E5F93AC90DAE8F281918FBE5E510F9AEB0E2A09E65A0A", "B93B1ED022809B9A00E51D3D9FF14D51097C6F07EC178C4396907981684D8768", "B969FE7130BCAD03B5F16694D6DB94079140935ECAAF2DABA8FB7CA6CE7FD40E", "B9A37A9137A6A153E70081729BB78D8014252B973451FD1F85F546C27C63DFCA", "BA641051633E4D947A94268037F8B8865B6EE865868B44CAAC2ACF192C454E89", "BBD0BB9278125E79B44348E7A6E2FDFBBE0FF4AC9E9184823B714AE94FCDD740", "BBF5FBFE519F80A6B36C8E6B6ADC28B6EFD07A34E8008B141A42401A9CE1DE28", "BD0B415C053FC80669F34B90324081AA9C7BB6D74CC54042D2661B32F9E38691", "BD244D6323B186793AF96234D84BC097585F104DD8186806E8394D4EE6A8D3B7", "BD43DD1867AC2917BC9CDC37222E975203BCC23E7C7CF119168DA166A717B0C9", "BD8C0A1C6CF7A152703C30BB58CB250DE8EF6981B86403CF103D9F8401EAC584", "BE6E8380C13D1103EE23BA2477B40F90E44B32F9B46BF16533F8DB60DB918AA5", "BEA0DEA8581DC561B3E0FB6213C2324D0764CB41F471CBFCCD4404F07F203E7F", "BEB207CD99760307A802ABACD6003BA409940409CA99A3C7EBC99B31F98C7475", "BFC19961F4B2A71B650F919D0D8075421D25957A36A4487C121AAA7C17E478AF", "C0F80B7C16C9B80140D483C0FCD6882278F7435E15D4ED92C57FFA7E310185D5", "C2F11551C490E10BFAA814D528D82349D60E230C1FF169409FDDE70BC2DD9262", "C389EBD0964ABA27F048D6EDFDBBE608B1BF9C26B0C2A781B136F8A57CE34CC8", "C3BB49B3C8FE94F0C2662ED25678D79EEFC058304091D3E0BAA71319AC666FB3", "C419E4AE704DBAFD5EFD078AE673E051D209740CCE61A07F500573B347A7F595", "C4D6B3C9B481ABC83F058E2FA34A363CAF95D271DE6C1A6DB6A489BC94E26241", "C53191E7AB19F2F993B44066BAA50C1203DC120DB98B06380783A69701228D1E", "C57F30E6E03342E3FD025BF48AF7CBD1C692306C4F28B21C315740C154CDA1B1", "C651E37BF4B96F4EB07264F5CD8AF5358C07A1B2AF852ACFC9AC82E9E6722BEB", "C6C30575B8111B1F0235943AFBFB3EFC95AC6BC7ED4517C4C9F4D899336D20C9", "C78EC486D86230DDF1D8602E0B7F2837C1420576BD6B5934CAE208E06F1D5B36", "C7CBDBED0F63DA6EE5124570703632B6C2AAA8D5D0DF99F9E70413BFC17257F5", "C882C89B2B2EF702D5D615B6FB118F677DBF78B75B3C65EF291DF714D0BA3FE0", "CA022F6C74AB029507A536E48E400E3EBCD80F6563DFCB94ADFC3887F1C436C3", "CA5C62763261B95E690EF270E128D49DBAE0E294EBA0C3FACFEBCE39C7AA965C", "CF387EA027623942683EFC747D5E8C53C455A7B39987E11DF2162158A50271EA", "D0436708E17AE06481C5D812D4085089BCF7263B197EC4C10E8312B7221AB351", "D0917105241B3AF403EBCBDA7A2973304A787219E1BA33B2EC05560FF0A404EE", "D1B9345E7C0A3051B97AF8EB65F3D4BBDE1B65A53A7D35A8D108A09537C245F9", "D24802352877517E1A734910AA5B470C280E95428999292362B5DB5785262ED7", "D27D7A3FAB54F4252945DE24C1BCEB0239D87CB0DB7641EF3375DE0B604D151D", "D28A33DD6F9F0616BF17BE9435C16BA5747AE3606D1B535CC4C8068BCF7BF4EB", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D3BED0E83235D9426D986A11755E3B30E87187B154AD1097AE25C384A5EC66B8", "D4C1C0E6A5170ECC8C7B3DFFE304FF401A904E8D9E1A70A203081EBBCDBE568F", "D60E46330596DCE2059EC92EC698759ACCB875541CC622F435EF733178728B73", "D7448193BEC97EC6B90CB3869926C86749C2FB9859BC66CA55A2B2E7B21D692F", "D86FE44D98DA7C28FEC89271CF14D0D0C5B622A5A310D188BADF3A8D121163C7", "D88F8D4EC870E7EBE3D835E7BB4576597E4D9045A6C1183BC8C8273B825AA821", "D9BE0065398666E1D67CCC53BE7B141B9D057940F7F6EFEC200D45AA41B346EE", "DBD29332B6E297F25422EB8C28791AE3DD704B7B9FDB714ACE7016CEEC63D122", "DC6CFA97AFC11ECA8AC903B07B25377D9849F6E270CE2A8494F78E7B651A0389", "DC7AD8B9BD9F2094B5AA0BA923CF780A56203D60FCCBD82F16D044A454BA24EE", "DF03CD856A57D7360B711A6E6395B099DEE028A64AE6341A99493DBAF1274A4B", "E026D876441506065638E9669757F49A62954ECA499F837804AD1070CA5C7B19", "E07E9939487B5F63C0252300712F7211E6C0B89676F9E5D5E2613D17BD23D356", "E1347202BCC47D3F31895563DF1F7842BEC89FA802656E5A1AA1C6417187343D", "E19B380C2BF0F26DFDCBADD37C1B7D4A13ED463E7B4B4ECE7EEEC8895D5690CB", "E1BC051B35E6390CDF26EAF4F9606F465A68BC39D22DAB92F943569FCDE317AE", "E2DD11E66560F5B27482CD4CB2E260C96E8DBF8D494B7634E0E12040AD56C9CF", "E30E73EC52C28C43A6E751E1BE29D05BB6EAB02BC422665D82F3C431254532A5", "E696B3CA5F178FD306B6388A56E29902BF7FB34F7E9DBB15469457C70EE0724C", "E6A3CDDEC0E8C0243CCF6E3AE7AAC01B3BFAB2E4DCD3167478C7DABA96539284", "EC94857D7D563A0D20E8336122A527B358E52AC50ABAE059889E5A31BFEAB1C2", "ED60AC8DA8519FF62B67D9A42CACC711F4D100223E77E6CCFEC7F0D7ADF7426D", "EE2718514028559E6F27A557F3B2FF99E3B2AC3C33754AA2CB57AD5E245C7955", "EEA03DC5D5F457503B49BA5EAC8CAD8673CC1AB2819516EAE2647286AA79136D", "EF61076F398E7E703A00D1503205A1E6D7D23FD6F5942CC3C0F34D08EE3C113F", "EF8F5D2176643F60AAACF896D63970A0820FAB5D2142D03834334DF645116BBD", "F0E62F1700EDD02BA2F3839DDD88EA046C8C342A2FAE608A27D02F8C7F20EE45", "F459AB1C260CFFC2C7190B1E3819FC765E9C727A9B80E4712445C345AAC77B8F", "F4BDACE4C2BD969BE014F58FD96BAC012DCB9FD40640A048ED223245FEA36AB5", "F5CDE8C22C4BBC6BB7CBF97A440438D883CD649212412738F8629A2D4E07BCFD", "F7862E3AFF4165C1E96904B0CC478B568FD7C29638F30D7255C5D201546C0450", "F87CCF7C7DB0E048496672AF6D21D716CF33B0D433A0289B3C5763C54B0731AF", "F967014534DCCC8F81A119D3F6C4F892D3391900CC61B075AAC35C3073D741FA", "F96732014CC74E0CD212E2641AC086C0DBA609B9E2E61E3DC4259C4E401BE0FA", "FB60760FFBC4C1641885367A133FC454DC2E0574DCD44CF7D9CE310281E34594", "FBD214BD3617CD0E35DFB86718392CFC780A55239ADDCC2630BE6B9CBE939D78", "FC6CD52C9B1254CA4EDF111218F0B9EBBE253B30643BAEEC7B345AF2A6AD286F", "FC8C17DD115E571F97B5F3885C8242567934FD310C97F79C46B626881E94E7C9", "FCCC0F3B66FBDAD0D2E95FD368A9EC23B1CACB02F277AF6EB3B63115AB8DEECF", "FCD272D34A421FD2A8E04F5869B5DD874F2DF23AEF80C7EEB8F434E195F090C3", "FCEDD547799AE384A4D749F6F180AE8594D14E825F787E185F25A3AC75A35F08", "FE20A5D1F4849E14D48069BAF660E8CC8F27B6E1A52250832431EA5A43960BAB", "FE677F8124D30F9DA6CDDAFFC556D7B803853FD5CF922714F2CB4FEE4E8AB3CC", "FEA72A089D1755DA76737B39FD3BC90F9FC3011626C35A4FAFB48AD0A4D10189", "FF8A5C202A165C6A86DAF62B5BC19ADD9FB787B84C46A73C2E35849265921673", "FFD48300A19B13C218899602046E4BCCA555158C999FF29AA1F963C0113BA3C7"]}, {"type": "ics", "idList": ["ICSA-18-144-01", "ICSA-21-054-03", "ICSA-21-075-02", "ICSA-22-160-01", "ICSMA-18-058-02"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:4F187FDBA230373382F26BA12E00F8E7"]}, {"type": "kaspersky", "idList": ["KLA10888"]}, {"type": "kitploit", "idList": ["KITPLOIT:2973941148692546578", "KITPLOIT:5052987141331551837", "KITPLOIT:5230099254245458698"]}, {"type": "mageia", "idList": ["MGASA-2016-0338", "MGASA-2016-0367", "MGASA-2016-0408", "MGASA-2016-0417", "MGASA-2017-0041"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-TOMCAT_UBUNTU_LOG_INIT_PRIV_ESC-"]}, {"type": "myhack58", "idList": ["MYHACK58:62201679941", "MYHACK58:62201680058", "MYHACK58:62201680097", "MYHACK58:62201680650"]}, {"type": "nessus", "idList": ["700668.PASL", "9625.PRM", "9626.PRM", "9721.PASL", "9723.PASL", "9906.PASL", "ACTIVEMQ_5_15_5.NASL", "AIX_JAVA_JAN2017_ADVISORY.NASL", "AIX_OPENSSL_ADVISORY21.NASL", "ALA_ALAS-2016-749.NASL", "ALA_ALAS-2016-755.NASL", "ALA_ALAS-2016-764.NASL", "ALA_ALAS-2016-776.NASL", "ALA_ALAS-2016-777.NASL", "ALA_ALAS-2016-778.NASL", "ALA_ALAS-2017-791.NASL", "ALA_ALAS-2017-797.NASL", "ALA_ALAS-2017-810.NASL", "ARISTA_EOS_SA0024.NASL", "ARISTA_EOS_SA0024_4_17.NASL", "CENTOS_RHSA-2016-1940.NASL", "CENTOS_RHSA-2016-2045.NASL", "CENTOS_RHSA-2016-2046.NASL", "CENTOS_RHSA-2017-0180.NASL", "CENTOS_RHSA-2017-0269.NASL", "CENTOS_RHSA-2017-0527.NASL", "CENTOS_RHSA-2017-0935.NASL", "CENTOS_RHSA-2017-2247.NASL", "CENTOS_RHSA-2018-2123.NASL", "DEBIAN_DLA-622.NASL", "DEBIAN_DLA-623.NASL", "DEBIAN_DLA-637.NASL", "DEBIAN_DLA-728.NASL", "DEBIAN_DLA-729.NASL", "DEBIAN_DLA-746.NASL", "DEBIAN_DLA-753.NASL", "DEBIAN_DLA-779.NASL", "DEBIAN_DSA-3669.NASL", "DEBIAN_DSA-3670.NASL", "DEBIAN_DSA-3673.NASL", "DEBIAN_DSA-3720.NASL", "DEBIAN_DSA-3721.NASL", "DEBIAN_DSA-3738.NASL", "DEBIAN_DSA-3739.NASL", "EULEROS_SA-2016-1047.NASL", "EULEROS_SA-2016-1049.NASL", "EULEROS_SA-2016-1090.NASL", "EULEROS_SA-2017-1015.NASL", "EULEROS_SA-2017-1016.NASL", "EULEROS_SA-2017-1027.NASL", "EULEROS_SA-2017-1028.NASL", "EULEROS_SA-2017-1039.NASL", "EULEROS_SA-2017-1040.NASL", "EULEROS_SA-2017-1081.NASL", "EULEROS_SA-2017-1082.NASL", "EULEROS_SA-2017-1191.NASL", "EULEROS_SA-2017-1192.NASL", "EULEROS_SA-2019-1403.NASL", "EULEROS_SA-2019-1434.NASL", "EULEROS_SA-2019-1861.NASL", "EULEROS_SA-2019-2217.NASL", "EULEROS_SA-2019-2509.NASL", "EULEROS_SA-2019-2643.NASL", "F5_BIGIP_SOL01276005.NASL", "F5_BIGIP_SOL02652550.NASL", "F5_BIGIP_SOL13167034.NASL", "F5_BIGIP_SOL23873366.NASL", "F5_BIGIP_SOL50116122.NASL", "F5_BIGIP_SOL53084033.NASL", "F5_BIGIP_SOL54211024.NASL", "F5_BIGIP_SOL59298921.NASL", "F5_BIGIP_SOL90492697.NASL", "FEDORA_2016-38E5B05260.NASL", "FEDORA_2016-4094BD4AD6.NASL", "FEDORA_2016-64E0743E16.NASL", "FEDORA_2016-97454404FE.NASL", "FEDORA_2016-98CCA07999.NASL", "FEDORA_2016-9C33466FBB.NASL", "FEDORA_2016-A555159613.NASL", "FEDORA_2016-A98C560116.NASL", "FEDORA_2016-C1B01B9278.NASL", "FREEBSD_PKG_0B9AF110D52911E6AE1B002590263BF5.NASL", "FREEBSD_PKG_0CA246823F0311E6B3C814DAE9D210B8.NASL", "FREEBSD_PKG_3AE106E2D52111E6AE1B002590263BF5.NASL", "FREEBSD_PKG_43EAA65680BC11E6BF52B499BAEBFEAF.NASL", "FREEBSD_PKG_6F0529E22E8211E6B2ECB499BAEBFEAF.NASL", "GENTOO_GLSA-201612-16.NASL", "GENTOO_GLSA-201701-65.NASL", "GENTOO_GLSA-201705-09.NASL", "GENTOO_GLSA-201707-01.NASL", "IBM_BIGFIX_REMOTE_CONTROL_9_1_3.NASL", "IBM_HTTP_SERVER_553351.NASL", "IBM_INFORMIX_SERVER_SWG22002897.NASL", "IBM_JAVA_2017_01_17.NASL", "JUNIPER_JSA10759.NASL", "MACOSX_SECUPD2016-007.NASL", "MACOS_10_12_2.NASL", "MYSQL_5_6_34.NASL", "MYSQL_5_6_34_RPM.NASL", "MYSQL_5_7_16.NASL", "MYSQL_5_7_16_RPM.NASL", "MYSQL_ENTERPRISE_MONITOR_3_1_5_7958.NASL", "MYSQL_ENTERPRISE_MONITOR_3_2_5_1141.NASL", "MYSQL_ENTERPRISE_MONITOR_3_3_1_1112.NASL", "NESSUS_TNS_2016_16.NASL", "NEWSTART_CGSL_NS-SA-2019-0022_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0117_TOMCAT6.NASL", "OPENSSL_1_0_1U.NASL", "OPENSSL_1_0_2I.NASL", "OPENSSL_1_1_0.NASL", "OPENSSL_1_1_0A.NASL", "OPENSUSE-2016-1130.NASL", "OPENSUSE-2016-1134.NASL", "OPENSUSE-2016-1172.NASL", "OPENSUSE-2016-1189.NASL", "OPENSUSE-2016-1283.NASL", "OPENSUSE-2016-1289.NASL", "OPENSUSE-2016-1455.NASL", "OPENSUSE-2016-1456.NASL", "OPENSUSE-2017-201.NASL", "OPENSUSE-2017-278.NASL", "OPENSUSE-2018-168.NASL", "ORACLELINUX_ELSA-2016-1940.NASL", "ORACLELINUX_ELSA-2016-2045.NASL", "ORACLELINUX_ELSA-2016-2046.NASL", "ORACLELINUX_ELSA-2016-3627.NASL", "ORACLELINUX_ELSA-2017-0180.NASL", "ORACLELINUX_ELSA-2017-0269.NASL", "ORACLELINUX_ELSA-2017-0527.NASL", "ORACLELINUX_ELSA-2017-0935.NASL", "ORACLELINUX_ELSA-2017-2247.NASL", "ORACLELINUX_ELSA-2018-2123.NASL", "ORACLEVM_OVMSA-2016-0135.NASL", "ORACLEVM_OVMSA-2016-0141.NASL", "ORACLE_ACCESS_MANAGER_CPU_JAN_2018.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2017.NASL", "ORACLE_ENTERPRISE_MANAGER_APR_2017_CPU.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2015.NASL", "ORACLE_HTTP_SERVER_CPU_JUL_2016.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2015.NASL", "ORACLE_ILOM_3_2_6.NASL", "ORACLE_JAVA_CPU_JAN_2017.NASL", "ORACLE_JAVA_CPU_JAN_2017_UNIX.NASL", "ORACLE_RDBMS_CPU_JUL_2017.NASL", "ORACLE_RDBMS_CPU_OCT_2017.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_APR_2017_CPU.NASL", "PHOTONOS_PHSA-2016-0011.NASL", "PVS_5_2_0.NASL", "REDHAT-RHSA-2016-1940.NASL", "REDHAT-RHSA-2016-2045.NASL", "REDHAT-RHSA-2016-2046.NASL", "REDHAT-RHSA-2016-2802.NASL", "REDHAT-RHSA-2017-0175.NASL", "REDHAT-RHSA-2017-0176.NASL", "REDHAT-RHSA-2017-0177.NASL", "REDHAT-RHSA-2017-0180.NASL", "REDHAT-RHSA-2017-0193.NASL", "REDHAT-RHSA-2017-0194.NASL", "REDHAT-RHSA-2017-0244.NASL", "REDHAT-RHSA-2017-0245.NASL", "REDHAT-RHSA-2017-0246.NASL", "REDHAT-RHSA-2017-0250.NASL", "REDHAT-RHSA-2017-0269.NASL", "REDHAT-RHSA-2017-0336.NASL", "REDHAT-RHSA-2017-0337.NASL", "REDHAT-RHSA-2017-0338.NASL", "REDHAT-RHSA-2017-0455.NASL", "REDHAT-RHSA-2017-0456.NASL", "REDHAT-RHSA-2017-0462.NASL", "REDHAT-RHSA-2017-0527.NASL", "REDHAT-RHSA-2017-0935.NASL", "REDHAT-RHSA-2017-1216.NASL", "REDHAT-RHSA-2017-1413.NASL", "REDHAT-RHSA-2017-1414.NASL", "REDHAT-RHSA-2017-1548.NASL", "REDHAT-RHSA-2017-1549.NASL", "REDHAT-RHSA-2017-1550.NASL", "REDHAT-RHSA-2017-1552.NASL", "REDHAT-RHSA-2017-1658.NASL", "REDHAT-RHSA-2017-1801.NASL", "REDHAT-RHSA-2017-2247.NASL", "REDHAT-RHSA-2017-2493.NASL", "REDHAT-RHSA-2017-2709.NASL", "REDHAT-RHSA-2017-2710.NASL", "REDHAT-RHSA-2017-3113.NASL", "REDHAT-RHSA-2017-3240.NASL", "REDHAT-RHSA-2018-2123.NASL", "REDHAT-RHSA-2018-2185.NASL", "REDHAT-RHSA-2018-2186.NASL", "SECURITYCENTER_OPENSSL_1_0_1U.NASL", "SLACKWARE_SSA_2016-266-01.NASL", "SLACKWARE_SSA_2016-363-01.NASL", "SL_20160927_OPENSSL_ON_SL6_X.NASL", "SL_20161010_TOMCAT6_ON_SL6_X.NASL", "SL_20161010_TOMCAT_ON_SL7_X.NASL", "SL_20170120_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20170213_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL", "SL_20170315_TOMCAT6_ON_SL6_X.NASL", "SL_20170412_TOMCAT_ON_SL7_X.NASL", "SL_20170802_TOMCAT_ON_SL7_X.NASL", "SL_20180703_PYTHON_ON_SL7_X.NASL", "SSL_64BITBLOCK_SUPPORTED_CIPHERS.NASL", "SSL_MEDIUM_SUPPORTED_CIPHERS.NASL", "SUSE_SU-2016-2387-1.NASL", "SUSE_SU-2016-2394-1.NASL", "SUSE_SU-2016-2458-1.NASL", "SUSE_SU-2016-2468-1.NASL", "SUSE_SU-2016-2470-1.NASL", "SUSE_SU-2017-0346-1.NASL", "SUSE_SU-2017-0460-1.NASL", "SUSE_SU-2017-0490-1.NASL", "SUSE_SU-2017-0716-1.NASL", "SUSE_SU-2017-0719-1.NASL", "SUSE_SU-2017-0720-1.NASL", "SUSE_SU-2017-0726-1.NASL", "SUSE_SU-2017-0839-1.NASL", "SUSE_SU-2017-1389-1.NASL", "SUSE_SU-2017-1444-1.NASL", "TOMCAT_8_5_5.NASL", "TOMCAT_8_5_8.NASL", "UBUNTU_USN-3081-1.NASL", "UBUNTU_USN-3081-2.NASL", "UBUNTU_USN-3087-1.NASL", "UBUNTU_USN-3087-2.NASL", "UBUNTU_USN-3177-1.NASL", "UBUNTU_USN-3177-2.NASL", "UBUNTU_USN-3179-1.NASL", "UBUNTU_USN-3181-1.NASL", "UBUNTU_USN-3194-1.NASL", "UBUNTU_USN-3198-1.NASL", "UBUNTU_USN-3270-1.NASL", "UBUNTU_USN-4557-1.NASL", "VIRTUALBOX_5_1_8.NASL", "VIRTUOZZO_VZLSA-2017-0180.NASL", "VIRTUOZZO_VZLSA-2017-0269.NASL", "VIRTUOZZO_VZLSA-2017-0527.NASL", "VIRTUOZZO_VZLSA-2017-0935.NASL", "VMWARE_ESXI_6_0_BUILD_5485776_REMOTE.NASL"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:SEPTEMBER-2016-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2016-2177", "OPENSSL:CVE-2016-2178", "OPENSSL:CVE-2016-2180", "OPENSSL:CVE-2016-2181", "OPENSSL:CVE-2016-2182", "OPENSSL:CVE-2016-2183", "OPENSSL:CVE-2016-6302", "OPENSSL:CVE-2016-6303", "OPENSSL:CVE-2016-6304", "OPENSSL:CVE-2016-6306"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106355", "OPENVAS:1361412562310106356", "OPENVAS:1361412562310106460", "OPENVAS:1361412562310107015", "OPENVAS:1361412562310107016", "OPENVAS:1361412562310107048", "OPENVAS:1361412562310107049", "OPENVAS:1361412562310107050", "OPENVAS:1361412562310107051", "OPENVAS:1361412562310108031", "OPENVAS:1361412562310108372", "OPENVAS:1361412562310108772", "OPENVAS:1361412562310120738", "OPENVAS:1361412562310120744", "OPENVAS:1361412562310140019", "OPENVAS:1361412562310140020", "OPENVAS:1361412562310140037", "OPENVAS:1361412562310140048", "OPENVAS:1361412562310140192", "OPENVAS:1361412562310703669", "OPENVAS:1361412562310703670", "OPENVAS:1361412562310703673", "OPENVAS:1361412562310703720", "OPENVAS:1361412562310703721", "OPENVAS:1361412562310703738", "OPENVAS:1361412562310703739", "OPENVAS:1361412562310808703", "OPENVAS:1361412562310809075", "OPENVAS:1361412562310809076", "OPENVAS:1361412562310809077", "OPENVAS:1361412562310809376", "OPENVAS:1361412562310809377", "OPENVAS:1361412562310809417", "OPENVAS:1361412562310809782", "OPENVAS:1361412562310809955", "OPENVAS:1361412562310810182", "OPENVAS:1361412562310810184", "OPENVAS:1361412562310810567", "OPENVAS:1361412562310810717", "OPENVAS:1361412562310810718", "OPENVAS:1361412562310810730", "OPENVAS:1361412562310810966", "OPENVAS:1361412562310811297", "OPENVAS:1361412562310811298", "OPENVAS:1361412562310811702", "OPENVAS:1361412562310811703", "OPENVAS:1361412562310811871", "OPENVAS:1361412562310842892", "OPENVAS:1361412562310842896", "OPENVAS:1361412562310842898", "OPENVAS:1361412562310843024", "OPENVAS:1361412562310843026", "OPENVAS:1361412562310843029", "OPENVAS:1361412562310843035", "OPENVAS:1361412562310843048", "OPENVAS:1361412562310843052", "OPENVAS:1361412562310843145", "OPENVAS:1361412562310851397", "OPENVAS:1361412562310851399", "OPENVAS:1361412562310851406", "OPENVAS:1361412562310851412", "OPENVAS:1361412562310851430", "OPENVAS:1361412562310851455", "OPENVAS:1361412562310851485", "OPENVAS:1361412562310851494", "OPENVAS:1361412562310851503", "OPENVAS:1361412562310851505", "OPENVAS:1361412562310851703", "OPENVAS:1361412562310871663", "OPENVAS:1361412562310871669", "OPENVAS:1361412562310871670", "OPENVAS:1361412562310871749", "OPENVAS:1361412562310871758", "OPENVAS:1361412562310871773", "OPENVAS:1361412562310871795", "OPENVAS:1361412562310871857", "OPENVAS:1361412562310871971", "OPENVAS:1361412562310871989", "OPENVAS:1361412562310872149", "OPENVAS:1361412562310872150", "OPENVAS:1361412562310872157", "OPENVAS:1361412562310882566", "OPENVAS:1361412562310882569", "OPENVAS:1361412562310882575", "OPENVAS:1361412562310882576", "OPENVAS:1361412562310882639", "OPENVAS:1361412562310882640", "OPENVAS:1361412562310882655", "OPENVAS:1361412562310882656", "OPENVAS:1361412562310882657", "OPENVAS:1361412562310882682", "OPENVAS:1361412562310882690", "OPENVAS:1361412562310882919", "OPENVAS:1361412562311220161047", "OPENVAS:1361412562311220161049", "OPENVAS:1361412562311220161090", "OPENVAS:1361412562311220171015", "OPENVAS:1361412562311220171016", "OPENVAS:1361412562311220171027", "OPENVAS:1361412562311220171028", "OPENVAS:1361412562311220171039", "OPENVAS:1361412562311220171040", "OPENVAS:1361412562311220171081", "OPENVAS:1361412562311220171082", "OPENVAS:1361412562311220171191", "OPENVAS:1361412562311220171192", "OPENVAS:1361412562311220191403", "OPENVAS:1361412562311220191434", "OPENVAS:1361412562311220191861", "OPENVAS:1361412562311220192217", "OPENVAS:1361412562311220192509", "OPENVAS:1361412562311220192643", "OPENVAS:703669", "OPENVAS:703670", "OPENVAS:703673", "OPENVAS:703720", "OPENVAS:703721", "OPENVAS:703738", "OPENVAS:703739"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2017", "ORACLE:CPUAPR2018", "ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2017", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2020", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-1940", "ELSA-2016-2045", "ELSA-2016-2046", "ELSA-2016-3621", "ELSA-2016-3627", "ELSA-2017-0527", "ELSA-2017-0935", "ELSA-2017-2247", "ELSA-2018-2123", "ELSA-2018-3041", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:CVE-2016-2177", "OSV:CVE-2016-2178", "OSV:CVE-2016-2180", "OSV:CVE-2016-2181", "OSV:CVE-2016-2182", "OSV:CVE-2016-2183", "OSV:CVE-2016-6302", "OSV:CVE-2016-6303", "OSV:CVE-2016-6304", "OSV:CVE-2016-6306", "OSV:DLA-622-1", "OSV:DLA-623-1", "OSV:DLA-637-1", "OSV:DLA-728-1", "OSV:DLA-729-1", "OSV:DLA-746-1", "OSV:DLA-746-2", "OSV:DLA-753-1", "OSV:DLA-779-1", "OSV:DSA-3669-1", "OSV:DSA-3670-1", "OSV:DSA-3673-1", "OSV:DSA-3673-2", "OSV:DSA-3720-1", "OSV:DSA-3721-1", "OSV:DSA-3738-1", "OSV:DSA-3739-1", "OSV:GHSA-2RVF-329F-P99G", "OSV:GHSA-4V3G-G84W-HV7R", "OSV:GHSA-698C-2X4J-G9GQ", "OSV:GHSA-JC7P-5R39-9477", "OSV:GHSA-Q6X7-F33R-3WXX", "OSV:GHSA-WXCP-F2C8-X6XV"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138940", "PACKETSTORM:139041", "PACKETSTORM:141920", "PACKETSTORM:142756", "PACKETSTORM:143369", "PACKETSTORM:155873", "PACKETSTORM:170857"]}, {"type": "pentestit", "idList": ["PENTESTIT:C47AA6D1808026ACA45B1AD1CF25CA3B"]}, {"type": "photon", "idList": ["PHSA-2016-0011"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:3E54ECACB70B1C9E4DF1458D3CABE899"]}, {"type": "redhat", "idList": ["RHSA-2016:1940", "RHSA-2016:2045", "RHSA-2016:2046", "RHSA-2016:2802", "RHSA-2016:2957", "RHSA-2017:0175", "RHSA-2017:0176", "RHSA-2017:0177", "RHSA-2017:0180", "RHSA-2017:0193", "RHSA-2017:0194", "RHSA-2017:0244", "RHSA-2017:0245", "RHSA-2017:0246", "RHSA-2017:0247", "RHSA-2017:0250", "RHSA-2017:0269", "RHSA-2017:0336", "RHSA-2017:0337", "RHSA-2017:0338", "RHSA-2017:0455", "RHSA-2017:0456", "RHSA-2017:0457", "RHSA-2017:0462", "RHSA-2017:0527", "RHSA-2017:0935", "RHSA-2017:1216", "RHSA-2017:1413", "RHSA-2017:1414", "RHSA-2017:1415", "RHSA-2017:1548", "RHSA-2017:1549", "RHSA-2017:1550", "RHSA-2017:1551", "RHSA-2017:1552", "RHSA-2017:1658", "RHSA-2017:1659", "RHSA-2017:1801", "RHSA-2017:1802", "RHSA-2017:2247", "RHSA-2017:2493", "RHSA-2017:2494", "RHSA-2017:2708", "RHSA-2017:2709", "RHSA-2017:2710", "RHSA-2017:3113", "RHSA-2017:3114", "RHSA-2017:3239", "RHSA-2017:3240", "RHSA-2018:2123", "RHSA-2018:2185", "RHSA-2018:2186", "RHSA-2018:2187", "RHSA-2019:1245", "RHSA-2019:2859", "RHSA-2020:0451", "RHSA-2020:3842", "RHSA-2021:0308", "RHSA-2021:2438"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-1240", "RH:CVE-2016-2180", "RH:CVE-2016-2181", "RH:CVE-2016-2182", "RH:CVE-2016-5425", "RH:CVE-2016-6302", "RH:CVE-2016-6303", "RH:CVE-2016-6306", "RH:CVE-2016-6325", "RH:CVE-2016-6794", "RH:CVE-2016-6797", "RH:CVE-2016-6816", "RH:CVE-2016-6817", "RH:CVE-2016-8657", "RH:CVE-2016-8735", "RH:CVE-2023-0296"]}, {"type": "seebug", "idList": ["SSV:92455", "SSV:92553", "SSV:92677", "SSV:92678", "SSV:93135"]}, {"type": "slackware", "idList": ["SSA-2016-266-01", "SSA-2016-363-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2391-1", "OPENSUSE-SU-2016:2407-1", "OPENSUSE-SU-2016:2496-1", "OPENSUSE-SU-2016:2537-1", "OPENSUSE-SU-2016:2769-1", "OPENSUSE-SU-2016:2788-1", "OPENSUSE-SU-2016:3129-1", "OPENSUSE-SU-2016:3144-1", "OPENSUSE-SU-2017:0374-1", "OPENSUSE-SU-2017:0513-1", "OPENSUSE-SU-2018:0458-1", "SUSE-SU-2016:2387-1", "SUSE-SU-2016:2394-1", "SUSE-SU-2016:2458-1", "SUSE-SU-2016:2468-1", "SUSE-SU-2016:2469-1", "SUSE-SU-2016:2470-1", "SUSE-SU-2016:2470-2", "SUSE-SU-2016:3079-1", "SUSE-SU-2016:3081-1", "SUSE-SU-2017:0346-1", "SUSE-SU-2017:0460-1", "SUSE-SU-2017:0490-1", "SUSE-SU-2017:1444-1", "SUSE-SU-2017:1632-1", "SUSE-SU-2017:1660-1", "SUSE-SU-2017:2699-1", "SUSE-SU-2017:2700-1"]}, {"type": "symantec", "idList": ["SMNTC-1382", "SMNTC-1392"]}, {"type": "thn", "idList": ["THN:35CF2D56C908025E96F8E8ADF33384DB"]}, {"type": "threatpost", "idList": ["THREATPOST:76E9C3B4FF9F862F31CF7EBE00893BDF", "THREATPOST:92734AB0515417387ACE7EE44D1D5100", "THREATPOST:99C5E70D89447B8402B9FBA7381541F0", "THREATPOST:CF8A831748EC23AA2B67F64081A55155", "THREATPOST:D4706357F1ED015BC0C89123865AF61A"]}, {"type": "tomcat", "idList": ["TOMCAT:0DBA25EA40A6FEBF5FD9039D7F60718E", "TOMCAT:3BE7322A30732B9FCCD5C138E261173F", "TOMCAT:604E2DE63F4E10D22151D29C4D2E7487", "TOMCAT:790F7EF00EBD814D5B55BBA9ADFAB91D", "TOMCAT:7FF5C8CC86A7AF5DA33F4B5874774B9B", "TOMCAT:8423D2ED2F8751548B2F3411FE07D05F", "TOMCAT:937E284FF802C2D5A6E9C8A59AB6C822", "TOMCAT:9E43DA1677EA0537439D1A6D19A16EC5", "TOMCAT:DCB8C0E7C96DD2367CF48625F7A47EDF"]}, {"type": "ubuntu", "idList": ["USN-3081-1", "USN-3081-2", "USN-3087-1", "USN-3087-2", "USN-3177-1", "USN-3177-2", "USN-3179-1", "USN-3181-1", "USN-3194-1", "USN-3198-1", "USN-3270-1", "USN-3372-1", "USN-4557-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-0762", "UB:CVE-2016-1240", "UB:CVE-2016-2177", "UB:CVE-2016-2178", "UB:CVE-2016-2180", "UB:CVE-2016-2181", "UB:CVE-2016-2182", "UB:CVE-2016-2183", "UB:CVE-2016-5018", "UB:CVE-2016-5425", "UB:CVE-2016-6302", "UB:CVE-2016-6303", "UB:CVE-2016-6304", "UB:CVE-2016-6306", "UB:CVE-2016-6325", "UB:CVE-2016-6794", "UB:CVE-2016-6796", "UB:CVE-2016-6797", "UB:CVE-2016-6816", "UB:CVE-2016-6817", "UB:CVE-2016-8735", "UB:CVE-2017-6056"]}, {"type": "zdt", "idList": ["1337DAY-ID-25101", "1337DAY-ID-25464", "1337DAY-ID-25942", "1337DAY-ID-27485", "1337DAY-ID-27866", "1337DAY-ID-38186"]}]}, "affected_software": {"major_version": [{"name": "rational build forge", "version": 8}, {"name": "rational build forge", "version": 8}, {"name": "rational build forge", "version": 8}, {"name": "rational build forge", "version": 8}, {"name": "rational build forge", "version": 8}]}, "epss": [{"cve": "CVE-2016-0762", "epss": "0.001880000", "percentile": "0.546450000", "modified": "2023-03-20"}, {"cve": "CVE-2016-1240", "epss": "0.000440000", "percentile": "0.083390000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2177", "epss": "0.014010000", "percentile": "0.843760000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2178", "epss": "0.000460000", "percentile": "0.139640000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2180", "epss": "0.009990000", "percentile": "0.813030000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2181", "epss": "0.031540000", "percentile": "0.895910000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2182", "epss": "0.035030000", "percentile": "0.900660000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2183", "epss": "0.004390000", "percentile": "0.708060000", "modified": "2023-03-20"}, {"cve": "CVE-2016-5018", "epss": "0.002340000", "percentile": "0.597260000", "modified": "2023-03-20"}, {"cve": "CVE-2016-5425", "epss": "0.001290000", "percentile": "0.459880000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6302", "epss": "0.015160000", "percentile": "0.849560000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6303", "epss": "0.015530000", "percentile": "0.851400000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6304", "epss": "0.323680000", "percentile": "0.963100000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6306", "epss": "0.042610000", "percentile": "0.909460000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6325", "epss": "0.000440000", "percentile": "0.082530000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6794", "epss": "0.001300000", "percentile": "0.461760000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6796", "epss": "0.001530000", "percentile": "0.497910000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6797", "epss": "0.001610000", "percentile": "0.510520000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6816", "epss": "0.002620000", "percentile": "0.621160000", "modified": "2023-03-20"}, {"cve": "CVE-2016-6817", "epss": "0.034760000", "percentile": "0.900370000", "modified": "2023-03-20"}, {"cve": "CVE-2016-8735", "epss": "0.042630000", "percentile": "0.909490000", "modified": "2023-03-20"}], "vulnersScore": 0.8}, "_state": {"score": 1684017862, "dependencies": 1676944354, "affected_software_major_version": 1677394894, "epss": 1679361349}, "_internal": {"score_hash": "6e5826d7334fa1dc86626befa29f771a"}, "affectedSoftware": [{"version": "8.0", "operator": "eq", "name": "rational build forge"}, {"version": "8.0.0.1", "operator": "eq", "name": "rational build forge"}, {"version": "8.0.0.2", "operator": "eq", "name": "rational build forge"}, {"version": "8.0.0.3", "operator": "eq", "name": "rational build forge"}, {"version": "8.0.0.4", "operator": "eq", "name": "rational build forge"}]}
{"ibm": [{"lastseen": "2023-05-08T18:13:14", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed recently by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVEs. \n\n## Vulnerability Details\n\n**CVEID: **[**CVE-2016-1240**](<https://vulners.com/cve/CVE-2016-1240>) \n**DESCRIPTION**: Apache Tomcat could allow a local attacker to gain elevated privileges on the system, caused by the exploitation of an unsafe chown command in Tomcat init script. An attacker could exploit this vulnerability to gain root privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117091> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[**CVE-2016-6797**](<https://vulners.com/cve/CVE-2016-6797>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[**CVE-2016-0762**](<https://vulners.com/cve/CVE-2016-0762>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[**CVE-2016-5018**](<https://vulners.com/cve/CVE-2016-5018>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[**CVE-2016-6794**](<https://vulners.com/cve/CVE-2016-6794>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[**CVE-2016-6796**](<https://vulners.com/cve/CVE-2016-6796>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[**CVE-2016-2177**](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[**CVE-2016-2178**](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[**CVE-2016-6306**](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[**CVE-2016-6302**](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[**CVE-2016-6304**](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[**CVE-2016-6303**](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[**CVE-2016-2182**](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID: **[**CVE-2016-2180**](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[**CVE-2016-2181**](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[**CVE-2016-2183**](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION**: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[**CVE-2016-6325**](<https://vulners.com/cve/CVE-2016-6325>) \n**DESCRIPTION**: Red Hat Enterprise Linux, JBoss Web Server and JBoss EWS could allow a local attacker to gain elevated privileges on the system, caused by the installation of /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf configuration files with insecure permissions by the Tomcat package. An attacker could exploit this vulnerability using membership in the Tomcat group to gain elevated privileges on the system. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117859> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[**CVE-2016-5425**](<https://vulners.com/cve/CVE-2016-5425>) \n**DESCRIPTION**: Multiple Apache Tomcat packages on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions could allow a local attacker to gain elevated privileges on the system, caused by the installation of the /user/lib/tmpfiles.d/tomcat.conf configuration file with insecure permissions. An attacker could exploit this vulnerability using the systemd-tmpfiles service to gain root privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117580> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[**CVE-2016-6816**](<https://vulners.com/cve/CVE-2016-6816>) \n**DESCRIPTION**: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119158> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[**CVE-2016-6817**](<https://vulners.com/cve/CVE-2016-6817>) \n**DESCRIPTION**: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119156> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[**CVE-2016-8735**](<https://vulners.com/cve/CVE-2016-8735>) \n**DESCRIPTION**: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119157> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nRational Collaborative Lifecycle Management 4.0 - 6.0.3 \n \nRational Team Concert 4.0 - 4.0.7 \nRational Team Concert 5.0 - 5.0.2 \nRational Team Concert 6.0 - 6.0.3\n\n## Remediation/Fixes\n\nUpgrade your Rational Build Forge Agent to version 8.0.0.4 iFix1 from: \n\n[BuildForge 8.0.0.4 iFix1](<http://download4.boulder.ibm.com/sar/CMA/RAA/06n2y/0/8004ifix1.zip>)\n\n## Workarounds and Mitigations\n\nnone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-28T18:35:50", "type": "ibm", "title": "Security Bulletin: OpenSSL vulnerabilities affect IBM Rational Team Concert (CVE-2016-1240, CVE-2016-6797, etc)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-1240", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-5018", "CVE-2016-5425", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735"], "modified": "2021-04-28T18:35:50", "id": "D4C1C0E6A5170ECC8C7B3DFFE304FF401A904E8D9E1A70A203081EBBCDBE568F", "href": "https://www.ibm.com/support/pages/node/288065", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T05:37:16", "description": "## Summary\n\nMultiple Apache Tomcat vulnerabilities affect IBM SONAS.\n\n## Vulnerability Details\n\nThis bulletin relates to vulnerabilities in the Apache Tomcat component which is used to provide the product\u2019s management GUI. The CLI interface is unaffected. \n \n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n \n**CVEID:** [_CVE-2016-6816_](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119158_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n**CVEID:** [_CVE-2016-6817_](<https://vulners.com/cve/CVE-2016-6817>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119156_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119156>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-8735_](<https://vulners.com/cve/CVE-2016-8735>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119157_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119157>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM SONAS \n \nThe product is affected when running a code releases 1.5.0.0 to 1.5.2.5. \n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.6 of IBM SONAS. Customers running an affected version of SONAS should upgrade to 1.5.2.6 or a later version, so that the fix gets applied. \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s) : Although IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T00:32:14", "type": "ibm", "title": "Security Bulletin: Multiple Apache Tomcat vulnerabilities affect IBM SONAS.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735"], "modified": "2018-06-18T00:32:14", "id": "51AB1F7F50AE2546674F97D246115890E30F6672B86D6D523810D29C5BAE0D62", "href": "https://www.ibm.com/support/pages/node/696923", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:50:33", "description": "## Summary\n\nIBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the following vulnerabilities in OpenSSL.\n\n## Vulnerability Details\n\n**Summary**\n\nIBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the following vulnerabilities in OpenSSL.\n\n**Vulnerability Details:**\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash.\n\nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2180](<https://vulners.com/cve/CVE-2016-2180>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash.\n\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources.\n\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**Affected Products and Versions**\n\nProduct | Affected Version \n---|--- \nIBM Flex System FC5022 16Gb SAN Scalable Switch | 8.0 \n \n**Remediation/Fixes:**\n\nFirmware fix versions are available on Fix Central: \n<http://www.ibm.com/support/fixcentral/>.\n\nProduct | Fix Version \n---|--- \nIBM Flex System FC5022 16Gb SAN Scalable Switch \n(brcd_fw_bcsw_8.1.0a_anyos_noarch) | 8.1.0a \n \n**Workaround(s) & Mitigation(s):**\n\nNone\n\n**References:**\n\n * [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide.html>)\n * [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n09 August 2017: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC5022 16Gb SAN Scalable Switch", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2182", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2019-01-31T02:25:02", "id": "EF8F47367833C53D96D4B395B9B6E56988A6A111252244DF32D84133215F9DCA", "href": "https://www.ibm.com/support/pages/node/868746", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:42:09", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n \n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Rational ClearCase versions: \n \n\n\n**Version**\n\n| \n\n**Status** \n \n---|--- \n \n9.0 through 9.0.0.2\n\n| \n\nAffected \n \n8.0.1 through 8.0.1.12\n\n| \n\nAffected \n \n8.0 through 8.0.0.19\n\n| \n\nAffected \n \n7.1.0.x, 7.1.1.x, 7.1.2.x (all versions)\n\n| \n\nAffected \n \n \nNot all deployments of Rational ClearCase use OpenSSL in a way that is affected by these vulnerabilities. \n \nYou are vulnerable if your use of Rational ClearCase includes _any_ of these configurations: \n\n\n 1. You use the base ClearCase/ClearQuest integration client on any platform, configured to use SSL to communicate with a ClearQuest server. \n\n 2. You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to use SSL to communicate with a ClearQuest server. \n**Note:** Windows clients using the UCM/ClearQuest integration are not vulnerable. \n\n 3. On UNIX/Linux clients, you use the Change Management Integration (CMI) for base ClearCase with ClearQuest or Rational Team Concert (RTC), or for UCM with ClearQuest or RTC, or for Jira, when configured to use SSL to communicate with the server. \n**Note:** Windows clients using the CMI integration are not vulnerable. \n\n 4. You use ratlperl, ccperl, or cqperl to run your own perl scripts, **and** those scripts use SSL connections.\n\n## Remediation/Fixes\n\nApply a fix pack as listed in the table below. The fix pack includes OpenSSL **1.0.2j.** \n \n\n\n**Affected Versions**\n\n| \n\n** Applying the fix** \n \n---|--- \n \n9.0 through 9.0.0.2\n\n| Install [Rational ClearCase Fix Pack 3 (9.0.0.3) for 9.0](<http://www.ibm.com/support/docview.wss?uid=swg24042975>) \n \n8.0.1 through 8.0.1.12\n\n| Install [Rational ClearCase Fix Pack 13 (8.0.1.13) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24042973>) \n \n8.0 through 8.0.0.19\n\n| Install [Rational ClearCase Fix Pack 20 (8.0.0.20) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24042971>) \n \n7.1.2.x (all fix packs) \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Customers on extended support contracts should contact Customer Support for information. \n_For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affects IBM Rational ClearCase (CVE-2016-2177, CVE-2016-2178, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-07-10T08:34:12", "id": "0199BCC78418FD8D57FCBD8F6822F3BB285BAD40BEA717ED6C2D19608D3AA7D0", "href": "https://www.ibm.com/support/pages/node/556145", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:34:19", "description": "## Summary\n\nThere are vulnerabilities in OpenSSL to which the IBM\u00ae FlashSystem\u2122 V840 is susceptible. An exploit of these vulnerabilities (CVE-2016-2177, CVE-2016-2178, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6304, and CVE-2016-6306) could allow a remote attacker to consume all available memory resources, to wage a denial of service attack, to cause an application to crash, to recover a private DSA key, and to wage a man-in-the-middle attack to gain access to plaintext data and obtain sensitive information.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected Products and Versions of FlashSystem V840\u2019s two node types \n** \n_Storage Node_ \n\u00b7 Machine Type Models (MTMs) affected include 9846-AE1 and 9848-AE1 \n\u00b7 Code versions affected include supported VRMFs: \no 1.4.0.0 \u2013 1.4.5.1 \no 1.3.0.0 \u2013 1.3.0.6 \n \n_Controller Node _ \n\u00b7 MTMs affected include 9846-AC0, 9848-AC0, 9846-AC1, and 9848-AC1 \n\u00b7 Code versions affected include supported VRMFs: \no 7.8.0.0 \u2013 7.8.0.1 \no 7.7.0.0 \u2013 7.7.1.5\n\n## Remediation/Fixes\n\n_V840 MTMs_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**Storage nodes:** \n9846-AE1 & \n9848-AE1 \n \n**Controller nodes:** \n9846-AC0, \n9846-AC1, \n9848-AC0, & \n9848-AC1| _Code fixes are now available, the minimum VRMF containing the fix depends on the code stream: \n \n___Storage Node VRMF __ \n_1.4 stream: 1.4.6.0 _ \n_1.3 stream: 1.3.0.7_ \n \n__Controller Node VRMF __ \n_7.8 stream: 7.8.0.2_ \n_7.7 stream: 7.7.1.6_| _ __N/A_| [**_FlashSystem V840 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+V840&release=1.0&platform=All&function=all>)** **for storage and controller node** **are available @ IBM\u2019s Fix Central \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T00:32:47", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect the IBM FlashSystem model V840", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-18T00:32:47", "id": "88AB81EF4773044E57A4B0519932B93A44584B2D567DE41B65A3D966948BD2BB", "href": "https://www.ibm.com/support/pages/node/697169", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T17:38:13", "description": "## Summary\n\nThere are vulnerabilities in OpenSSL to which the IBM\u00ae FlashSystem\u2122 840 and FlashSystem\u2122 900 are susceptible. An exploit of these vulnerabilities (CVE-2016-2177, CVE-2016-2178, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6304, and CVE-2016-6306) could allow a remote attacker to consume all available memory resources, to wage a denial of service attack, to cause an application to crash, to recover a private DSA key, and to wage a man-in-the-middle attack to gain access to plaintext data and obtain sensitive information.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nFlashSystem 840 machine type and models (MTMs) affected include 9840-AE1 and 9843-AE1. \n \nFlashSystem 900 MTMs affected include 9840-AE2 and 9843-AE2. \n \nCode versions affected include supported VRMFs: \n\u00b7 1.4.0.0 \u2013 1.4.5.1 \n\u00b7 1.3.0.0 \u2013 1.3.0.6\n\n## Remediation/Fixes\n\n_MTMs_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n**FlashSystem ****840 MTM: ** \n9840-AE1 & \n9843-AE1 \n \n**FlashSystem 900 MTMs:** \n9840-AE2 & \n9843-AE2| _Code fixes are now available, the minimum VRMF containing the fix depends on the code stream: \n \n___ Fixed code VRMF .__ \n_1.4 stream: 1.4.6.0 _ \n_1.3 stream: 1.3.0.7_| _ __N/A_| [**_FlashSystem 840 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+840&release=All&platform=All&function=all>)** **and [**_FlashSystem 900 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+900&release=All&platform=All&function=all>)** **are available @ IBM\u2019s Fix Central_ _ \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-18T01:45:50", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect the IBM FlashSystem models 840 and 900", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2023-02-18T01:45:50", "id": "4A2C5224A5D45C6378C117215B6377F5D1277DE19E121950C3A6023758C715BC", "href": "https://www.ibm.com/support/pages/node/697167", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:41", "description": "## Question\n\nSecurity Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand, and Azure on Demand (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 ...)\n\n## Answer\n\n## **Security Bulletin**\n\n## **Summary**\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Transfer Cluster Manager, IBM Aspera Faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application on Demand, and IBM Aspera Azure on Demand. IBM Aspera Transfer Cluster Manager, IBM Aspera Faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application on Demand, and IBM Aspera Azure on Demand has addressed the applicable CVEs.\n\n## **Vulnerability Details**\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182\">) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DES/3DES cipher used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## **Affected Products and Versions**\n\nIBM Aspera Transfer Cluster Manager with AutoScale 3.6.0 and prior\n\nIBM Aspera Faspex on Demand 3.6.0 and prior\n\nIBM Aspera Server on Demand 3.6.0 and prior\n\nIBM Aspera Application Application 3.6.0 and prior\n\nIBM Aspera Azure on Demand 3.5.6 and prior\n\n## **Remediation/Fixes **\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \n \nIBM Aspera Transfer Cluster Manager with AutoScale\n\n| \n\n1.2.3 _or higher_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/53>_ \n \nIBM Aspera Faspex on Demand\n\n| \n\n_3.7.3 or higher_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/56>_ \n \nIBM Aspera Server on Demand\n\n| \n\n_3.7.3 or higher_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/55>_ \n \nIBM Aspera Application Application\n\n| \n\n_3.7.3 or higher_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/54>_ \n \nIBM Aspera Azure on Demand\n\n| \n\n_3.7.2 or higher_\n\n| \n\n_Azure Marketplace_ \n \n## \n\n## **Workarounds and Mitigations**\n\nNone\n\n**Important note: **IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed see the instructions on the [System z Security web site](<http://www.ibm.com/systems/z/solutions/security_subintegrity.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## **References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n## **Related Information**\n\n[IBM Secure Engineering Web Portal ](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>)\n\n## **Acknowledgement **\n\nNone\n\n## **Change History**\n\n2 October 2017: Original version published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## **Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand,", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-12-08T04:55:34", "id": "FC6CD52C9B1254CA4EDF111218F0B9EBBE253B30643BAEEC7B345AF2A6AD286F", "href": "https://www.ibm.com/support/pages/node/746015", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:53:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22, 2016 by the OpenSSL Project. OpenSSL is used by IBM IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client, IBM Aspera Faspstream, IBM Aspera Cargo, and IBM Aspera Sync. \n \nThe above mentioned products have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Aspera Enterprise Server 3.6.2 or earlier \nIBM Aspera Connect for Web Access 3.6.2 or earlier \nIBM Aspera Desktop Client 3.6.2 or earlier \nIBM Aspera Point to Point Client 3.6.2 or earlier \nIBM Aspera Cargo 1.5.0 or earlier \nIBM Aspera Faspstream 3.7.0 or earlier \nIBM Aspera Sync 3.5.3 or earlier\n\n## Remediation/Fixes\n\nUpgrade to the followings from our download site: <http://downloads.asperasoft.com/> \nIBM Aspera Enterprise Server 3.7.4 or later \nIBM Aspera Connect for Web Access 3.7.4 or later \nIBM Aspera Desktop Client 3.7.4 or later \nIBM Aspera Point to Point Client 3.7.4 or later \nIBM Aspera Cargo 1.6.1 or later \nIBM Aspera Faspstream 3.7.2 or later \nIBM Aspera Sync 3.7.4 or later \n \n_For unsupported versions of __IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client, IBM Aspera Faspstream, IBM Aspera Cargo, and IBM Aspera Sync, __IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:08:32", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, Connect Server, Point to Point Client, Desktop Client, Faspstream, Cargo, and Sync (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 CVE-2016-2178 ...)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-15T07:08:32", "id": "1B2DCE61952BC751A0A03EA7E17596B9EB37FF0F00BB308BB9D09896E591D7E1", "href": "https://www.ibm.com/support/pages/node/300567", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:41", "description": "## Question\n\nSecurity Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, Connect Server, Point to Point Client, Desktop Client, Faspstream, Cargo, and Sync (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 CVE-2016-2178 ...)\n\n## Answer\n\n## **Security Bulletin**\n\n## **Summary **\n\nOpenSSL vulnerabilities were disclosed on September 22, 2016 by the OpenSSL Project. OpenSSL is used by IBM IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client, IBM Aspera Faspstream, IBM Aspera Cargo, and IBM Aspera Sync\n\nThe above mentioned products have addressed the applicable CVEs.\n\n## **Vulnerability Details**\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302\">) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DES/3DES cipher used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## **Affected Products and Versions**\n\nIBM Aspera Enterprise Server 3.6.2 or earlier\n\nIBM Aspera Connect for Web Access 3.6.2 or earlier\n\nIBM Aspera Desktop Client 3.6.2 or earlier\n\nIBM Aspera Point to Point Client 3.6.2 or earlier\n\nIBM Aspera Cargo 1.5.0 or earlier\n\nIBM Aspera Faspstream 3.7.0or earlier\n\nIBM Aspera Sync 3.5.3or earlier\n\n## **Remediation/Fixes **\n\nUpgrade to the followings from our download site: <http://downloads.asperasoft.com/>\n\nIBM Aspera Enterprise Server 3.7.4 or later\n\nIBM Aspera Connect for Web Access 3.7.4 or later\n\nIBM Aspera Desktop Client 3.7.4 or later\n\nIBM Aspera Point to Point Client 3.7.4 or later\n\nIBM Aspera Cargo 1.6.1 or later\n\nIBM Aspera Faspstream 3.7.2 or later\n\nIBM Aspera Sync 3.7.4 or later\n\n_For unsupported versions of I_BM Aspera Enterprise Server IBM Aspera Connect Server IBM Aspera Point to Point Client IBM Aspera Desktop ClientIBM Aspera Faspstream IBM Aspera Cargo and IBM Aspera Sync_IBM recommends upgrading to a fixed supported version/release/platform of the product._\n\n## **Workarounds and Mitigations**\n\nNone\n\n## **References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n## **Related Information**\n\n[IBM Secure Engineering Web Portal ](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>)\n\n## **Acknowledgement**\n\nNone\n\n## **Change History**\n\n2 October 2017: Original Version Published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## **Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, Connect Server, Point to Point Client, Desktop Client, Faspstream,", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-12-08T04:55:34", "id": "449F34AAD10DD9765AEBD2663CC16B31AA5D35B533E921970DCB2DD9DF361C47", "href": "https://www.ibm.com/support/pages/node/746013", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:53:13", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Transfer Cluster Manager, IBM Aspera Faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application on Demand, and IBM Aspera Azure on Demand. IBM Aspera Transfer Cluster Manager, IBM Aspera Faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application on Demand, and IBM Aspera Azure on Demand has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Aspera Transfer Cluster Manager with AutoScale 3.6.0 and prior \nIBM Aspera Faspex on Demand 3.6.0 and prior \nIBM Aspera Server on Demand 3.6.0 and prior \nIBM Aspera Application Application 3.6.0 and prior \nIBM Aspera Azure on Demand 3.5.6 and prior\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Aspera Transfer Cluster Manager with AutoScale| 1.2.3 _or higher_| [_http://downloads.asperasoft.com/en/downloads/53_](<http://downloads.asperasoft.com/en/downloads/53>) \nIBM Aspera Faspex on Demand| _3.7.3 or higher_| [_http://downloads.asperasoft.com/en/downloads/56_](<http://downloads.asperasoft.com/en/downloads/56>) \nIBM Aspera Server on Demand| _3.7.3 or higher_| [_http://downloads.asperasoft.com/en/downloads/55_](<http://downloads.asperasoft.com/en/downloads/55>) \nIBM Aspera Application Application| _3.7.3 or higher_| [_http://downloads.asperasoft.com/en/downloads/54_](<http://downloads.asperasoft.com/en/downloads/54>) \nIBM Aspera Azure on Demand| _3.7.2 or higher_| _Azure Marketplace_ \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:08:22", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, Faspex on Demand, Server on Demand, Application on Demand, and Azure on Demand (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 ...)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-15T07:08:22", "id": "3F02DA1DC04A6C658BCF965E5FB3FFCC64EB1D7D66FB0A8038636EF62D559250", "href": "https://www.ibm.com/support/pages/node/299875", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:09:17", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM WebSphere Cast Iron Solution. IBM WebSphere Cast Iron Solution has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6303_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nWebSphere Cast Iron v 7.5.1.0, v 7.5.0.1, v 7.5.0.0 \nWebSphere Cast Iron v 7.0.0.2, v 7.0.0.1, v 7.0.0.0\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nCast Iron Appliance| 7.5.1.0 \n7.5.0.1 \n7.5.0.0| LI79478| [iFix 7.5.1.0-CUMUIFIX-007](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.5.1.0&platform=All&function=fixId&fixids=7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.scrypt2,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.vcrypt2,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.32bit.sc-linux,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.sc-linux,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.32bit.sc-win,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.sc-win,7.5.1.0-WS-WCI-20170207-0609_H11_64-CUMUIFIX-007.32bit.studio,7.5.1.0-WS-WCI-20170207-0609_H11_64-CUMUIFIX-007.studio,7.5.1.0-WS-WCI-20170207-0610_H8_64-CUMUIFIX-007.docker&includeSupersedes=0>) \nCast Iron Appliance| 7.0.0.2 \n7.0.0.1 \n7.0.0.0| LI79478| [iFix 7.0.0.2-CUMUIFIX-034](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.scrypt2,7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.vcrypt2,7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.32bit.sc-linux,7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.32bit.sc-win,7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.sc-linux,7.0.0.2-WS-WCI-20170224-0554_H8_64-CUMUIFIX-034.sc-win,7.0.0.2-WS-WCI-20170224-0641_H9_64-CUMUIFIX-034.32bit.studio,7.0.0.2-WS-WCI-20170224-0641_H9_64-CUMUIFIX-034.studio&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n07 August 2017: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSGR73\",\"label\":\"IBM Cast Iron Cloud Integration\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"7.5.1.0;7.5.0.1;7.5.0.0;7.0.0.2;7.0.0.1;7.0.0\",\"Edition\":\"Virtual;Physical\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-18T13:57:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere Cast Iron Solution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2019-11-18T13:57:34", "id": "6390A51C827FA9826D05D6F22A5DB62BFFC9752CF836C6B898D5F5BEA5C44130", "href": "https://www.ibm.com/support/pages/node/558407", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T21:41:04", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the applicable CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 CVE-2016-2183.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SmartCloud Entry 2.2.0 through 2.2.0.4 Appliance fix pack 7 \nIBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 7 \nIBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 7 \nIBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 22 \nIBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 22\n\n## Remediation/Fixes\n\n \n\n\nProduct| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nIBM SmartCloud Entry| 2.2| None| IBM SmartCloud Entry 2.2.0 Appliance Fixpack 8: \n \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+Starter+Kit+for+Cloud&fixids=2.2.0.4-IBM-SKC_APPL-FP008&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+Starter+Kit+for+Cloud&fixids=2.2.0.4-IBM-SKC_APPL-FP008&source=SAR>) \nIBM SmartCloud Entry| 2.3| None| IBM SmartCloud Entry 2.3.0 Appliance Fixpack 8: \n \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.3.0.4-IBM-SCE_APPL-FP008&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.3.0.4-IBM-SCE_APPL-FP008&source=SAR>) \nIBM SmartCloud Entry| 2.4| None| IBM SmartCloud Entry 2.4.0 Appliance Fixpack 8: \n \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.4.0.4-IBM-SCE_APPL-FP008&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=2.4.0.4-IBM-SCE_APPL-FP008&source=SAR>) \nIBM SmartCloud Entry| 3.1| None| IBM SmartCloud Entry 3.1.0 Appliance Fixpack 23: \n \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_APPL-FP23&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_APPL-FP23&source=SAR>) \nIBM SmartCloud Entry| 3.2| None| IBM SmartCloud Entry 3.2.0 Appliance Fixpack 23: \n \n[_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_APPL-FP23&source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_APPL-FP23&source=SAR>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-19T00:49:12", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2020-07-19T00:49:12", "id": "8575D8248B9DA38940B8C0CCB82D1E07AFCED1CC97BE2C46A21CC51F08DEC7BC", "href": "https://www.ibm.com/support/pages/node/630241", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T21:52:42", "description": "## Summary\n\nPowerKVM is affected by numerous vulnerabilities in OpenSSL. IBM has now addressed these vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nPowerKVM 2.1 and PowerKVM 3.1\n\n## Remediation/Fixes\n\nCustomers can update PowerKVM systems by using \"yum update\". \n\nFix images are made available via Fix Central. For version 3.1, see [_https://ibm.biz/BdHggw_](<https://ibm.biz/BdHggw>). This issue is addressed as of 3.1.0.2 update 3 or later.\n\nFor version 2.1, see [_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>). This issue is addressed as of PowerKVM 2.1.1.3-65 update 13 or later. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1. \n\nFor v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:33:47", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect PowerKVM", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-18T01:33:47", "id": "3048CBA7FDCF53E63595104F24F428E3014DB1EE5B3AE7E450E0E0C06E5736BB", "href": "https://www.ibm.com/support/pages/node/629885", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:50:39", "description": "## Summary\n\nVulnerabilities in Open Source openssl that is used by IBM Security Identity Governance (CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6306 CVE-2016-6304 CVE-2016-2183)\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Identity Governance and Intelligence 5.2.1\n\n## Remediation/Fixes\n\nProduct Name\n\n| VRMF | APAR| Remediation/Fix \n---|---|---|--- \nIBM Security Identity Governance and Intelligence| 5.2.1| None| [5.2.1.6-ISS-SIGI-IF0007](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.1.0&platform=Linux&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:59:08", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Open Source openSSL affect IBM Security Identity Governance Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-16T21:59:08", "id": "F967014534DCCC8F81A119D3F6C4F892D3391900CC61B075AAC35C3073D741FA", "href": "https://www.ibm.com/support/pages/node/559273", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:50:09", "description": "## Summary\n\nNumerous vulnerabilities have been identified in OpenSSL. The IBM Security Access Manager appliances use OpenSSL and are affected by these vulnerabilities. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2180](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances, all firmware versions. \n\nIBM Security Access Manager for Web 8.0 appliances, all firmware versions.\n\nIBM Security Access Manager for Mobile 8.0 appliances, all firmware versions.\n\nIBM Security Access Manager 9.0 appliances, all firmware versions.\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 (appliance)| IV91120| Apply Interim Fix 28: \n[7.0.0-ISS-WGA-IF0028](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0.0.0 - \n8.0.1.4| IV91099| Upgrade to 8.0.1.5:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \n[_8.0.1-ISS-WGA-FP0005_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager for Mobile| 8.0.0.0 - \n8.0.1.4| IV91116| Upgrade to 8.0.1.5: \n[8.0.1-ISS-ISAM-FP0005](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0 - \n9.0.2.0| IV91081| Upgrade to 9.0.2.1: \n[9.0.2-ISS-ISAM-FP0001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:49:22", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in OpenSSL", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-16T21:49:22", "id": "D9BE0065398666E1D67CCC53BE7B141B9D057940F7F6EFEC200D45AA41B346EE", "href": "https://www.ibm.com/support/pages/node/289023", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:51:12", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Protection.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.3.1 \nIBM Security Network Protection 5.3.2 \nIBM Security Network Protection 5.3.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.11 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.2| Install Firmware 5.3.2.5 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.3| Install Firmware 5.3.3.1 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:47:09", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-16T21:47:09", "id": "F96732014CC74E0CD212E2641AC086C0DBA609B9E2E61E3DC4259C4E401BE0FA", "href": "https://www.ibm.com/support/pages/node/553597", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:51:11", "description": "## Summary\n\nIBM Security Guardium is affected by OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] vulnerabilities. IBM Security Guardium has fixed these issues. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2180](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Guardium V 10, 10.0.1, 10.1, 10.1.2.\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Guardium | 10x| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6022_SecurityUpdate&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6022_SecurityUpdate&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:47:56", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] vulnerabilities (multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-16T21:47:56", "id": "0EE17D440C828A2F1F3F9C3FDE6036B28E45371AB043D8D00888155801644813", "href": "https://www.ibm.com/support/pages/node/556655", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:51:12", "description": "## Summary\n\nVulnerabilities in Open Source openssl that is used by IBM Security Identity Governance\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Identity Governance and Intelligence 5.2.1\n\n## Remediation/Fixes\n\nProduct Name\n\n| VRMF | APAR| Remediation/Fix \n---|---|---|--- \nIBM Security Identity Governance and Intelligence| 5.2.1| None| [5.2.1.4-ISS-SIGI-IF0005](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.1.0&platform=Linux&function=fixId&fixids=5.2.1.4-ISS-SIGI-IF0005&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:47:33", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Open Source openSSL affect IBM Security Identity Governance Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-16T21:47:33", "id": "B9A37A9137A6A153E70081729BB78D8014252B973451FD1F85F546C27C63DFCA", "href": "https://www.ibm.com/support/pages/node/555075", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:56:24", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function. A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker that can conduct a man-in-the-middle attack could exploit this vulnerability to recover the plain text data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM MQ Appliance V8.0\n\n## Remediation/Fixes\n\nApply [IBM MQ Appliance Fix Pack 8.0.0.6](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=8.0.0.5&platform=All&function=all>) or later maintenance.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:06:20", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM MQ Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-15T07:06:20", "id": "EEEA1AED0DDC584C51431A9908918AF5D5529838CADC30B95CF1D2E06A297A4E", "href": "https://www.ibm.com/support/pages/node/553573", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:49:56", "description": "## Summary\n\nApache Tomcat prior to version 6.0.48 is susceptible to several vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6797](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n \n \n**CVEID:** [CVE-2016-6816](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119158> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n## Affected Products and Versions\n\n\u00b7 IBM QRadar SIEM 7.2.n\n\n## Remediation/Fixes\n\n\u2022 [_IBM QRadar/QRM/QVM/QRIF 7.2.8 Patch 4_](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=Linux&function=fixId&fixids=7.2.8-QRADAR-QRSIEM-20170224202650&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-16T21:50:43", "type": "ibm", "title": "Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to various CVE's", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816"], "modified": "2018-06-16T21:50:43", "id": "3410E09FDCBC57E565C72083D3A630854D64B8490C9907FC7A07113F787F18CE", "href": "https://www.ibm.com/support/pages/node/292995", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:56:04", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by MobileFirst Quality Assurance. MobileFirst Quality Assurance has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n[](<https://vulners.com/cve/CVE-2016-6302>)**CVEID: **[CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-2180](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nMobileFirst Quality Assurance: 6.0.0.0 \u2013 7.0.0.0\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF**| **APAR**| **Remediations/first fix** \n---|---|---|--- \nMobileFirst Quality Assurance | 6.0.0.0 - 7.0.0.0| \n| fix pack: [LINK TO FIX](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm~Rational&product=ibm/Rational/IBM+Worklight+Quality+Assurance&release=7.0.0.1&platform=Linux&function=fixId&fixids=1.0.0.8-Rational-WQARHU-fixpack&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp>) \nOperating system updates for MFQA, Version 1.0.0.8 \n \nReview the _Updating_ procedure for your version in the IBM Knowledge Center for additional guidance:\n\n * [Version 6.0](<https://www.ibm.com/support/knowledgecenter/SSFRDS_6.0.0/com.ibm.mqa.install.doc/topics/t_update.html>)\n * [Version 6.3](<https://www.ibm.com/support/knowledgecenter/SSFRDS_6.3.0/com.ibm.mqa.install.doc/topics/t_update.html>)\n * [Version 7.0](<https://www.ibm.com/support/knowledgecenter/SSFRDS_7.0.0/com.ibm.mqa.install.doc/topics/t_update.html>)\n \n \n**Important:** Take a snapshot of the VM before applying these updates. \n \n**Procedure:**\n\n 1. Log in as root. \n \n\n 2. Start IBM Installation Manager in console mode by entering the following command: ` \n``/opt/IBM/InstallationManager/eclipse/tools/imcl``\u2013c` \n\n 3. Select option **P. Preferences**. \n \n\n 4. Select option **1\\. Repositories**. \n \n\n 5. Select option **D. Add Repository**. \n \n\n 6. Enter the following repository URL to update Red Hat Enterprise Linux: \n<https://www.ibm.com/software/repositorymanager/service/com.ibm.rational.wqa.redhatUpdate/> \nNote: If you downloaded the update from FixCentral, then enter the directory of the local update package. \n\n 7. Enter your IBMid credentials:\na. Select option **P. Provide credentials and connect**. \nb. Enter your user name. \nc. Enter your password. \nd. (Optional) Enter **1** to save your credentials. \n \n \n8\\. Select option **A. Apply changes and return to Preferences menu**. \n \n \n9\\. Select option **R. Return to Main Menu**. \n \n \n10\\. From the list of actions, select **2\\. Update**. \n \n \n11\\. Select the **1\\. IBM MobileFirst Platform** package group. \n \n \n12\\. Select **N. Next**. \n \n \n13\\. Select only **Operating system updates for MFQA** \n \n \n14\\. Select **N. Next. \n \n** \n15\\. Follow the prompts to install the updates. \n \nRebooting after upgrading is suggested. \n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T22:33:13", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect MobileFirst Quality Assurance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-17T22:33:13", "id": "362D62C684CC4EC1C14D4239144C432AC6F62E6231DC7416F6DEB9B4ED0F1853", "href": "https://www.ibm.com/support/pages/node/619337", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:54:26", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Metrics Manager. IBM Cognos Metrics Manager has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n * * IBM Cognos Metrics Manager 10.2.2\n * IBM Cognos Metrics Manager 10.2.1\n * IBM Cognos Metrics Manager 10.2\n * IBM Cognos Metrics Manager 10.1.1\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. As the fix is in a shared component across the Business Intelligence portfolio, applying the BI Interim Fix will resolve the issue. Note that the prerequisites named in the links are also satisfied by an IBM Cognos Metrics Manager install of the same version. \n\n \n| Version| Interim Fix \n---|---|--- \nIBM Cognos Metrics Manager| 10.2.2| [IBM Cognos Business Intelligence 10.2.2 Interim Fix 13](<http://www-01.ibm.com/support/docview.wss?uid=swg24042721>) \nIBM Cognos Metrics Manager| 10.2.1| [IBM Cognos Business Intelligence 10.2.1 Interim Fix 18](<http://www-01.ibm.com/support/docview.wss?uid=swg24042721>) \nIBM Cognos Metrics Manager| 10.2| [IBM Cognos Business Intelligence 10.2 Interim Fix 21](<http://www-01.ibm.com/support/docview.wss?uid=swg24042721>) \nIBM Cognos Metrics Manager| 10.1.1| [IBM Cognos Business Intelligence 10.1.1 Interim Fix 20](<http://www-01.ibm.com/support/docview.wss?uid=swg24042720>) \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:17:03", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-15T23:17:03", "id": "97559256B8C83FB25D3AC653E1F3EBADCC04D4EF78DA4844805305C7544A6E9D", "href": "https://www.ibm.com/support/pages/node/556625", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T17:37:17", "description": "## Summary\n\nVulnerabilities in the OpenSSL component affect the management GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products. The CLI interface is unaffected. The CVEs are CVE-2016-2177 CVE-2016-2178 CVE-2016-2183 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n \n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \nIBM FlashSystem V9000 \n \nAll products are affected when running supported releases 7.1 to 7.8. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code levels or higher: \n \n7.6.1.7 \n7.7.1.6 \n7.8.0.2 \n7.8.1.0 \n \n[_Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>) \n \nFor IBM FlashSystem V9000, upgrade to the following code levels or higher: \n \n7.6.1.7 \n7.7.1.6 \n7.8.0.2 \n7.8.1.0 \n \n[_Latest FlashSystem V9000 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+V9000&release=All&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-29T01:48:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect SAN Volume Controller, Storwize family and FlashSystem V9000 products", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2023-03-29T01:48:02", "id": "F87CCF7C7DB0E048496672AF6D21D716CF33B0D433A0289B3C5763C54B0731AF", "href": "https://www.ibm.com/support/pages/node/697175", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T09:36:18", "description": "## Summary\n\nOpenSSL is used by IBM SONAS. IBM SONAS has addressed the applicable CVEs.\n\n## Vulnerability Details\n\nOpenSSL is used in IBM SONAS for providing communication security by encrypting data being transmitted. \n \n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SONAS \nThe product is affected when running a code releases 1.5.0.0 to 1.5.2.4\n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.5 of IBM SONAS. Customers running an affected version of SONAS should upgrade to 1.5.2.5 or a later version, so that the fix gets applied. \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s): Ensure that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T00:28:27", "type": "ibm", "title": "Security Bulletin:Vulnerabilities in OpenSSL affect IBM SONAS", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-18T00:28:27", "id": "67C80EFFE11B1AC1B2BC370071FDC07472E419E70A224CB705FF75FD6834928B", "href": "https://www.ibm.com/support/pages/node/696385", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T17:36:40", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM InfoSphere Information Server. IBM InfoSphere Information Server has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following products, running on all supported platforms, are affected: \nIBM InfoSphere Information Server: versions 8.7, 9.1, 11.3 and 11.5 \nIBM InfoSphere Information Server on Cloud: version 11.5\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud | 11.5 | [_JR56856_](<http://www.ibm.com/support/docview.wss?uid=swg1JR56856>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=11.5&function=fixId&fixids=is_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server | 11.3 | [_JR56856_](<http://www.ibm.com/support/docview.wss?uid=swg1JR56856>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=11.3.1&function=fixId&fixids=is_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server | 9.1 | [_JR56856_](<http://www.ibm.com/support/docview.wss?uid=swg1JR56856>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=9.1&function=fixId&fixids=is91_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server | 8.7 | [_JR56856_](<http://www.ibm.com/support/docview.wss?uid=swg1JR56856>) | Contact IBM Customer Support. \n \n \nFor IBM InfoSphere Information Server version 8.7, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \n**Contact Technical Support:**\n\nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [_contacts for other countries_](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [_open a Service Request_](<http://www.ibm.com/software/support/probsub.html>) with Information Server Technical Support.\n\n## Workarounds and Mitigations\n\nCVE-2016-2183 can be mitigated by disabling DES/3DES Cipher codes using the hidden connection option \u201cCipherList\u201d. This controls which cipher suites can be used by the driver. For information on the format of CipherList, refer to <https://www.openssl.org/docs/man1.0.2/man1/ciphers.html> \n \nTo disable the DES/3DES cipher codes, in the .odbc.ini file, specify the following value for the undocumented CipherList connection option: \nCipherList=DEFAULT:-DES:-3DES \n \nIf you have already specified a value for CipherList, add the following to the existing value: \nDEFAULT:-DES:-3DES \n \nDetailed information on controlling Cipher codes used by the Progress Software DataDirect Connect ODBC drivers can be found in TechNote [_http://www-01.ibm.com/support/docview.wss?uid=swg21883537_](<http://www-01.ibm.com/support/docview.wss?uid=swg21883537>)\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-07T15:37:51", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6306"], "modified": "2023-04-07T15:37:51", "id": "552CCD91DA9A5C1B6B08BED8115E70317A59E9D05C357D2E72183BB05B7E0CE8", "href": "https://www.ibm.com/support/pages/node/286971", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:56:23", "description": "## Summary\n\nSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. IBM DataPower Gateways has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in `crypto/bn/bn_print.c`. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected `malloc` behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM DataPower Gateways appliances all versions through 7.0.0.15, 7.1.0.12, 7.2.0.9, 7.5.0.3, 7.5.1.2 and 7.5.2.0.\n\n## Remediation/Fixes\n\nFix is available in versions 7.0.0.16, 7.1.0.13, 7.2.0.10, 7.5.0.4, 7.5.1.3 and 7.5.2.1. Refer to [APAR IT17280](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT17280>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n\n_For DataPower customers using versions 6.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:06:27", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-15T07:06:27", "id": "FC8C17DD115E571F97B5F3885C8242567934FD310C97F79C46B626881E94E7C9", "href": "https://www.ibm.com/support/pages/node/555425", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:39", "description": "## Question\n\nSecurity Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, ...)\n\n## Answer\n\n## **Security Bulletin**\n\n## **Summary**\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares has addressed the applicable CVEs.\n\n## **Vulnerability Details**\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302\">) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6308](<https://vulners.com/cve/CVE-2016-6308>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by a memory allocation error in dtls1_preprocess_fragment() prior to the excessive message length check. By initiating multiple connection attempts a remote authenticated attacker could send an overly large DTLS message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117114> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the in the Triple-DES on 64-bit block cipher used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## **Affected Products and Versions**\n\nIBM Aspera Orchestrator 2.6.0 or earlier\n\niBM Aspera Virtural Catcher 2.4.4 or earlier\n\nIBM Aspera Faspex 4.0.1 or earlier\n\nIBM Aspera Shares 1.9.4 or earlier\n\n## **Remediation/Fixes **\n\n_Upgrade to IBM Aspera Shares Orchestrator 2.6.1 IBM Aspera Virtual Catcher to 2.4.5 or later Faspex 4.0.3 or later and IBM Aspera Shares 1.9.6 or later. (<http://downloads.asperasoft.com/en/downloads/>)._\n\nFix delivery details for\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \n \n_IBM Aspera Orchestrator_\n\n| \n\n_< 2.6.1_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/27>_ \n \n_IBM Aspera Virtual Catcher_\n\n| \n\n_< 2.4.5_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/51>_ \n \n_IBM Aspera Faspex_\n\n| \n\n_< 4.0.1_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/6>_ \n \n_IBM Aspera Shares_\n\n| \n\n_< 1.9.6_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/34>_ \n \n_For unsupported versions of IBM Aspera Orchestrator Virtual Catcher Faspex or Shares Application IBM recommends upgrading to a fixed supported version/release/platform of the product._\n\n## **Workarounds and Mitigations**\n\nNone\n\n## **References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n## **Related Information**\n\n[IBM Secure Engineering Web Portal ](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>)\n\n## **Acknowledgement **\n\nNone\n\n## **Change History**\n\n26 January 2017: Original version published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## **Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shar", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6308"], "modified": "2018-12-08T04:55:34", "id": "A228DCB694CAC8220E8E2A0506C4BA75BC3542B483B96F88329D683D29298312", "href": "https://www.ibm.com/support/pages/node/746017", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:53:08", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-6308](<https://vulners.com/cve/CVE-2016-6308>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error in dtls1_preprocess_fragment() prior to the excessive message length check. By initiating multiple connection attempts, a remote authenticated attacker could send an overly large DTLS message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117114> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Aspera Orchestrator 2.6.0 or earlier \nIBM Aspera Virtural Catcher 2.4.4 or earlier \nIBM Aspera Faspex 4.0.1 or earlier \nIBM Aspera Shares 1.9.4 or earlier\n\n## Remediation/Fixes\n\n_Upgrade to IBM Aspera Shares Orchestrator 2.6.1, IBM Aspera Virtual Catcher to 2.4.5 or later, Faspex 4.0.3 or later and IBM Aspera Shares 1.9.6 or later. (_[_http://downloads.asperasoft.com/en/downloads/_](<http://downloads.asperasoft.com/en/downloads/>)_)._ \n \nFix delivery details for \n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \n_IBM Aspera Orchestrator_| _< 2.6.1_| [_http://downloads.asperasoft.com/en/downloads/27_](<http://downloads.asperasoft.com/en/downloads/27>) \n_IBM Aspera Virtual Catcher_| _< 2.4.5_| [_http://downloads.asperasoft.com/en/downloads/51_](<http://downloads.asperasoft.com/en/downloads/51>) \n_IBM Aspera Faspex_| _< 4.0.1_| [_http://downloads.asperasoft.com/en/downloads/6_](<http://downloads.asperasoft.com/en/downloads/6>) \n_IBM Aspera Shares_| _< 1.9.6_| [_http://downloads.asperasoft.com/en/downloads/34_](<http://downloads.asperasoft.com/en/downloads/34>) \n \n_For unsupported versions of IBM Aspera Orchestrator, Virtual Catcher, Faspex or Shares Application, IBM recommends upgrading to a fixed, supported version/release/platform of the product._ \n \n\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:08:32", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, ...)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6308"], "modified": "2018-06-15T07:08:32", "id": "55525A5AB54D0FA4DF8FA8BD6DC8E03E586A11FBFBE9E5EA61E7B15171D0178E", "href": "https://www.ibm.com/support/pages/node/300569", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:38", "description": "## Question\n\nSecurity Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares\n\n## Answer\n\nSummary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator IBM Aspera Virtual Catcher IBM Aspera Faspex and IBM Aspera Shares.\n\nVulnerability Details\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6304](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117110> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6308](<https://vulners.com/cve/CVE-2016-6308>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by a memory allocation error in dtls1_preprocess_fragment() prior to the excessive message length check. By initiating multiple connection attempts a remote authenticated attacker could send an overly large DTLS message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117114> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the in the Triple-DES on 64-bit block cipher used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nAffected Products and Versions\n\nIBM Aspera Orchestrator 2.6.0 or earlier\n\niBM Aspera Virtural Catcher 2.4.4 or earlier\n\nIBM Aspera Shares 1.9.4 or earlier\n\nIBM Faspex 4.0.1\n\nRemediation/Fixes \n\nFor your affected product upgrade to the following:\n\n * IBM Aspera Shares Orchestrator 2.6.1 or later\n * IBM Aspera Virtual Catcher to 2.4.5 or later\n * IBM Aspera Shares 1.9.6 or later\n * For Faspex on Windows upgrade to Faspex 4.0.3 or later\n * For Faspex on Linux upgrade the Common package to Common 1.1.25 or later\n\n_<http://downloads.asperasoft.com/en/downloads/>_\n\nFix delivery details for\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \n \n_IBM Aspera Orchestrator_\n\n| \n\n_< 2.6.1_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/27>_ \n \n_IBM Aspera Virtual Catcher_\n\n| \n\n_< 2.4.5_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/51>_ \n \n_IBM Aspera Faspex_\n\n| \n\n_< 4.0.1_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/6>_ \n \n_IBM Aspera Shares_\n\n| \n\n_< 1.9.6_\n\n| \n\n_<http://downloads.asperasoft.com/en/downloads/34>_ \n \n_For unsupported versions of IBM Aspera Orchestrator Virtual Catcher Faspex or Shares Application IBM recommends upgrading to a fixed supported version/release/platform of the product._\n\nWorkarounds and Mitigations\n\nNONE\n\nReferences\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\nRelated Information\n\n[IBM Secure Engineering Web Portal ](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>)\n\n**Acknowledgement **None\n\n**Change History**\n\n26 January 2017: Original version published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shar", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6308"], "modified": "2018-12-08T04:55:34", "id": "A4F052050E4B3F587B7183D9FC910B303A3AE883F2DC83385E6EEA13376742FD", "href": "https://www.ibm.com/support/pages/node/746255", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:54:23", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Version 6 used by IBM Cognos Business Viewpoint. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulernabilities in Apache Tomcat also affect IBM Cognos Business Viewpoint. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-5548_](<https://vulners.com/cve/CVE-2016-5548>)** \nDESCRIPTION:** An unspecified vulnerability in Java SE and Java SE Embedded related to the Libraries component could allow a remote attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/120864_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/120864>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5552_](<https://vulners.com/cve/CVE-2016-5552>)** \nDESCRIPTION:** An unspecified vulnerability in Java SE Java SE Embedded and Jrockit related to the Networking component has no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/120872_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/120872>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n\n \n**CVEID:** [_CVE-2016-6816_](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119158_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n**CVEID:** [_CVE-2016-6817_](<https://vulners.com/cve/CVE-2016-6817>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119156_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119156>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-8735_](<https://vulners.com/cve/CVE-2016-8735>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119157_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119157>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Cognos Business Viewpoint 10.1 FP1 \nIBM Cognos Business Viewpoint 10.1.1 FP2\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix in one of the 10.1.x versions listed as soon as practical. \n \nCognos Business Viewpoint 10.1 and Cognos Business Viewpoint 10.1.1 downloads; \n \n[IBM Cognos Business Viewpoint 10.1.0 FP1 IF1010 Windows](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Cognos&product=ibm/Information+Management/Cognos+8+Business+Viewpoint&release=10.1&platform=All&function=fixId&fixids=10.1.0.1-BA-CBV-Win32-IF010>) \n \n[IBM Cognos Business Viewpoint 10.1.1 FP2 IF1009 Windows](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Cognos&product=ibm/Information+Management/Cognos+8+Business+Viewpoint&release=10.1.1&platform=All&function=fixId&fixids=10.1.1.2-BA-CBV-Win32-IF009>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:18:18", "type": "ibm", "title": "Security Bulletin: There are multiple vulnerabilities in IBM Java Runtime and Apache Tomcat that affect IBM Cognos Business Viewpoint", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-5548", "CVE-2016-5552", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735"], "modified": "2018-06-15T23:18:18", "id": "B73E2AC64919358B53CBFE9E0576F144ECF05CB1E42E5E59DCDDEF0BD5FEF485", "href": "https://www.ibm.com/support/pages/node/560313", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:39:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n \n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \n****DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-8610_](<https://vulners.com/cve/CVE-2016-8610>)** \nDESCRIPTION:** SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets during a SSL handshake. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118296_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118296>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nRational ClearQuest versions 7.1 through 7.1.2.19, 8.0 through 8.0.0.20, 8.0.1 through 8.0.1.13, and 9.0 through 9.0.0.3 in the following component: \n\n\n * ClearQuest hooks and cqperl/ratlperl scripts that use SSL. \n * Database drivers configured to use SSL connections to the database.\n\n**ClearQuest version**\n\n| \n\n**Status** \n \n---|--- \n \n9.0 through 9.0.0.3\n\n| \n\nAffected \n \n8.0.1 through 8.0.1.13\n\n| \n\nAffected \n \n8.0 through 8.0.0.20\n\n| \n\nAffected \n \n7.1 through 7.1.2.19\n\n| \n\nAffected \n \n## Remediation/Fixes\n\nApply a fix pack as listed in the table below. The fix pack includes OpenSSL **1.0.2j.**\n\n**Affected Versions**\n\n| \n\n** Fixes** \n \n---|--- \n \n9.0 through 9.0.0.3\n\n| Install [Rational ClearQuest Fix Pack 4 (9.0.0.4) for 9.0](<http://www.ibm.com/support/docview.wss?uid=swg24043344>) \n \n8.0.1 through 8.0.1.13\n\n| Install [Rational ClearQuest Fix Pack 14 (8.0.1.14) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24043342>) \n \n8.0 through 8.0.0.20\n\n| Install [Rational ClearQuest Fix Pack 21 (8.0.0.21) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24043340>) \n \n7.1 through 7.1.2.19\n\n| Customers on extended support contracts for 7.1 should contact Customer Support for information. \n \n_For 7.0, 7.1 and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-04T16:40:40", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-8610"], "modified": "2020-02-04T16:40:40", "id": "B6E330D558AEA3A63E5B06D47046243959B8C2B20BA7866AAE3FA6E59F30BEB1", "href": "https://www.ibm.com/support/pages/node/286339", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:48:31", "description": "## Summary\n\nThe Rational Reporting for Development Intelligence (RRDI) is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6797](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nRRDI 2.0, 2.0.1, 2.0.3 and 2.0.4| Cognos BI 10.1.1 \nRRDI 2.0.5 and 2.0.6| Cognos BI 10.2.1 \nRRDI 5.0, 5.0.1 and 5.0.2| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 5.0, 5.0.1 and 5.0.2 \n \n## Remediation/Fixes\n\n \nApply the recommended fixes to all affected versions of RRDI. \n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**RRDI 2.0, 2.0.0.1, 2.0.1, 2.0.3 and 2.0.4** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 21 (Implemented by file 10.1.6306.520)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043287>). \nReview technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**RRDI 2.0.5 and 2.0.6 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 19 (Implemented by file 10.2.5000.537)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043288>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n**RRDI 5.0 and 5.0.1 and 5.0.2 ** \n \n\n\n 1. If the Data Collection Component (DCC) or Jazz Reporting Service (JRS, also known as Report Builder) is used, perform this step first. \nReview the topics in [Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-0762,CVE-2016-6797)](<http://www-01.ibm.com/support/docview.wss?uid=swg21999756>) for addressing the listed vulnerability in the underlying Jazz Team Server. \n\n 2. If the Cognos-based reporting server is used, also perform this step. \nDownload the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 18 (Implemented by file 10.2.5012.504)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043288>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-17T05:20:07", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2018-06-17T05:20:07", "id": "D27D7A3FAB54F4252945DE24C1BCEB0239D87CB0DB7641EF3375DE0B604D151D", "href": "https://www.ibm.com/support/pages/node/293947", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T01:48:31", "description": "## Summary\n\nThe Rational Insight is shipped with a version of the Apache Tomcat web server which contains security vulnerabilities that could have a potential security impact.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6797](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nRational Insight 1.1, 1.1.1, 1.1.1.1 and 1.1.1.2| Cognos BI 10.1.1 \nRational Insight 1.1.1.3| Cognos BI 10.2.1 \nRational Insight 1.1.1.4, 1.1.1.5 and 1.1.1.6| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 5.0, 5.0.1 and 5.0.2 \nRational Insight 1.1.1.7| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 6.0 \n \n## Remediation/Fixes\n\n \nApply the recommended fixes to all affected versions of Rational Insight. \n \n**Rational Insight 1.1 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 21 (Implemented by file 10.1.6306.520)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043287>). \nReview technote [1679272: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Insight 1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg21679272>) for detailed instructions.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 21 (Implemented by file 10.1.6306.520)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043287>). \nRead technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.3 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 19 (Implemented by file 10.2.5000.537)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043288>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7 ** \n \n\n\n 1. If the Data Collection Component (DCC) or Jazz Reporting Service (JRS, also known as Report Builder) is used, perform this step first. \nReview the topics in [Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-0762,CVE-2016-6797)](<http://www-01.ibm.com/support/docview.wss?uid=swg21999756>) for addressing the listed vulnerability in the underlying Jazz Team Server. \n\n 2. If the Cognos-based reporting server is used, also perform this step. \nDownload the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 18 (Implemented by file 10.2.5012.504)](<http://www-01.ibm.com/support/docview.wss?uid=swg24043288>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-17T05:20:08", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2018-06-17T05:20:08", "id": "FCEDD547799AE384A4D749F6F180AE8594D14E825F787E185F25A3AC75A35F08", "href": "https://www.ibm.com/support/pages/node/293949", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T05:39:57", "description": "## Summary\n\nThere are vulnerabilities reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron Solution has remediated the affected versions.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects all versions of the product \n \nWebSphere Cast Iron Solution v 7.5.1.0, v 7.5.0.1, v 7.5.0.0 \nWebSphere Cast Iron Solution v 7.0.0.2, v 7.0.0.1, v 7.0.0.0 \nWebSphere Cast Iron Solution v 6.4.0.1, v 6.4.0.0 \nWebSphere Cast Iron Solution v 6.3.0.2, v 6.3.0.1, v 6.3.0.0\n\n## Remediation/Fixes\n\n \n\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nCast Iron Appliance| v 7.5.1.0, \nv 7.5.0.1, \nv 7.5.0.0| LI79259| [iFix 7.5.1.0-CUMUIFIX-005](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.5.1.0&platform=All&function=fixId&fixids=7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.scrypt2,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.vcrypt2,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.32bit.sc-linux,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.sc-linux,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.32bit.sc-win,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.sc-win,7.5.1.0-WS-WCI-20161103-1049_H11_64-CUMUIFIX-005.32bit.studio,7.5.1.0-WS-WCI-20161103-1049_H11_64-CUMUIFIX-005.studio,7.5.1.0-WS-WCI-20161103-1048_H7_64-CUMUIFIX-005.docker&includeSupersedes=0>) \nCast Iron Appliance| v 7.0.0.2, \nv 7.0.0.1, \nv 7.0.0.0| LI79259| [iFix 7.0.0.2-CUMUIFIX-033](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.scrypt2,7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.vcrypt2,7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.32bit.sc-linux,7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.32bit.sc-win7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.sc-linux,7.0.0.2-WS-WCI-20161103-1040_H8_64-CUMUIFIX-033.sc-win,7.0.0.2-WS-WCI-20161103-1041_H9_64-CUMUIFIX-033.32bit.studio,7.0.0.2-WS-WCI-20161103-1041_H9_64-CUMUIFIX-033.studio&includeSupersedes=0>) \nCast Iron Appliance| v 6.4.0.1, \nv 6.4.0.0| LI79259| [iFix 6.4.0.1-CUMUIFIX-042](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.4.0.1&platform=All&function=fixId&fixids=6.4.0.1-WS-WCI-20161103-1131_H3-CUMUIFIX-042.scrypt2,6.4.0.1-WS-WCI-20161103-1131_H3-CUMUIFIX-042.vcrypt2,6.4.0.1-WS-WCI-20161103-1131_H4-CUMUIFIX-042.studio&includeSupersedes=0>) \nCast Iron Appliance| v 6.3.0.2, \nv 6.3.0.1, \nv 6.3.0.0| LI79259| [iFix 6.3.0.2-CUMUIFIX-023](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.3.0.2&platform=All&function=fixId&fixids=6.3.0.2-WS-WCI-20161103-1226_H4-CUMUIFIX-023.scrypt2,6.3.0.2-WS-WCI-20161103-1226_H4-CUMUIFIX-023.vcrypt2,6.3.0.2-WS-WCI-20161103-1506_H4-CUMUIFIX-023.studio&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-11-18T13:57:34", "type": "ibm", "title": "Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2019-11-18T13:57:34", "id": "F5CDE8C22C4BBC6BB7CBF97A440438D883CD649212412738F8629A2D4E07BCFD", "href": "https://www.ibm.com/support/pages/node/559471", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-13T01:34:19", "description": "## Summary\n\nApache Tomcat is used by Storwize V7000 Unified. Storwize V7000 Unified has addressed the applicable CVEs. \n\n## Vulnerability Details\n\nThis bulletin relates to vulnerabilities in the Apache Tomcat component which is used to provide the product\u2019s management GUI. The CLI interface is unaffected. \n \n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:**[ _CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Storwize V7000 Unified \nThe product is affected when running code releases 1.5.0.0 to 1.5.2.5 and 1.6.0.0 to 1.6.2.0\n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.6 and 1.6.2.1 of IBM Storwize V7000 Unified. Customers running an affected version of IBM Storwize V7000 Unified should upgrade to 1.5.2.6 or 1.6.2.1 or a later version, so that the fix gets applied. \n \n[_Latest Storwize V7000 Unified Software_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003918&myns=s028&mynp=OCST5Q4U&mync=E>) \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s) : Although IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-18T00:32:30", "type": "ibm", "title": "Security Bulletin: Tomcat apache vulnerability affects IBM Storwize V7000 Unified", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2018-06-18T00:32:30", "id": "FEA72A089D1755DA76737B39FD3BC90F9FC3011626C35A4FAFB48AD0A4D10189", "href": "https://www.ibm.com/support/pages/node/696969", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T17:45:52", "description": "## Summary\n\nMultiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID:** [CVE-2016-6797](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n\n \n \n--- \n \n## Affected Products and Versions\n\nIBM UrbanCode Release 6.2.1.2\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fixes as soon as practical. Review the information below regarding the available fixes. \n\nFor affected supporting products shipped with IBM UrbanCode Release, consult the following security bulletins for vulnerability details and fixes.\n\n**Product**| **VRMF**| **Remediation/First Fix** \n---|---|--- \nIBM UrbanCode Release| 6.2.1.2| [6.2.1.3](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm~Rational&product=ibm/Rational/UrbanCode+Release&release=6.2.1.0&platform=All&function=fixId&fixids=6.2.1.3-UrbanCode-Release&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-17T22:33:29", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect IBM UrbanCode Release", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2018-06-17T22:33:29", "id": "BBD0BB9278125E79B44348E7A6E2FDFBBE0FF4AC9E9184823B714AE94FCDD740", "href": "https://www.ibm.com/support/pages/node/609287", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:52:23", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by IBM Systems Director(ISD) Platform Agent. These OpenSSL vulnerabilities were disclosed in September 2016 and October 2016 by the OpenSSL Project.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n \n**CVEID:** [_CVE-2016-8610_](<https://vulners.com/cve/CVE-2016-8610>)** \nDESCRIPTION:** SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets during a SSL handshake. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118296_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118296>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nIBM Systems Director: \n\n\n * 6.3.5.0 \n * 6.3.6.0\n * 6.3.7.0\n\n## Remediation/Fixes\n\nTo determine the ISD level installed, enter **smcli lsver** on a command line. IBM Systems Director versions pre-6.3.5 are unsupported and will not be fixed. IBM recommends upgrading to a fixed, supported version of the product. \n \nPlease follow the instructions provided to apply fixes on the below releases. \n\n\n * 6.3.5.0 \n * 6.3.6.0\n * 6.3.7.0\n\n1\\. Open the below link to download the fix: \n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FDirector%2FSystemsDirector&fixids=SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT19124_IT19125_IT19126_IT19127](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FDirector%2FSystemsDirector&fixids=SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT19124_IT19125_IT19126_IT19127>)\n\n \n \n\n\n2\\. Select the below fix package that includes fixes for all the supported platforms: \n\n[SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT19124_IT19125_IT19126_IT19127](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FDirector%2FSystemsDirector&fixids=SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT19124_IT19125_IT19126_IT19127>)\n\n3\\. Follow the Instructions in the table for your desired platform\n\n_Product_| _VRMF_| _Associated Technote_ \n---|---|--- \nIBM Systems Director and IBM Systems Director Platform Agent| Xlinux Platform Agent 6.3.5 to 6.3.7| [806573754](<http://www-01.ibm.com/support/docview.wss?uid=nas740ee47e5f925f8ee862580bf00488b02>) \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and IBM Systems Director Platform Agent| Windows Platform Agent 6.3.5 to 6.3.7| [806575662](<http://www-01.ibm.com/support/docview.wss?uid=nas7f7aad4432a5757a5862580bf0043bae3>) \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and IBM Systems Director Platform Agent| Power Linux Platform Agent 6.3.5 to 6.3.7| [806531342](<http://www-01.ibm.com/support/docview.wss?uid=nas727592f6de625acc4862580bf0049a7f0>) \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and \nIBM Systems Director Platform Agent| Zlinux Platform Agent 6.3.5 to 6.3.7| [806597086](<http://www-01.ibm.com/support/docview.wss?uid=nas7c2d24b762e832467862580bf00464502>) \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and \nIBM Systems Director Platform Agent| AIX Platform Agent 6.3.5 to 6.3.7| [807363424](<http://www-01.ibm.com/support/docview.wss?uid=nas7aac6903ecf62298f862580c700196d32>) \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:35:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Systems Director Platform Agent", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-8610"], "modified": "2018-06-18T01:35:01", "id": "9D49F42EF4A0225B668D70A35EF57A994731D3D83E68392C7C0F324576482B10", "href": "https://www.ibm.com/support/pages/node/630597", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T09:36:19", "description": "## Summary\n\nOpenSSL is used by IBM Storwize V7000 Unified. IBM Storwize V7000 Unified has addressed the applicable CVEs.\n\n## Vulnerability Details\n\nOpenSSL is used in IBM Storwize V7000 Unified for providing communication security by encrypting data being transmitted. \n \n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Storwize V7000 Unified \nThe product is affected when running code releases 1.5.0.0 to 1.5.2.4 and 1.6.0.0 to 1.6.1.0\n\n## Remediation/Fixes\n\nA fix for these issues is in version 1.5.2.5 and 1.6.2.0 of IBM Storwize V7000 Unified. Customers running an affected version of IBM Storwize V7000 Unified should upgrade to 1.5.2.5 or 1.6.2.0 or a later version, so that the fix gets applied. \n \n[_Latest Storwize V7000 Unified Software_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003918&myns=s028&mynp=OCST5Q4U&mync=E>) \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s): Ensure that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T00:28:14", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2016-6304, CVE-2016-6303, CVE-2016-2178, CVE-2016-6306 and CVE-2016-2183)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2178", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-06-18T00:28:14", "id": "A0863CA5D5484ACA86A919293340C73A404BFFC99B98DF8E4D5C2BA4EFD49938", "href": "https://www.ibm.com/support/pages/node/696303", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:44:48", "description": "## Summary\n\nMultiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6816_](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119158_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [_CVE-2016-8745_](<https://vulners.com/cve/CVE-2016-8745>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat 8.5.x is refactored. An attacker could exploit this vulnerability to obtain the session ID and the response body. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119642_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119642>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nTADDM 7.2.2.0 - 7.2.2.5 \nTADDM 7.3.0.0 (TADDM 7.3.0.1-3 - not affected - using WebSphere Liberty Profile) \n\n## Remediation/Fixes\n\nThere are eFixes prepared on top of the latest released FixPack for each stream: \n\n**Fix**| **VRMF**| **APAR**| **How to acquire fix** \n---|---|---|--- \nefix_TADDM73_tomcat7077_201411291020_1.zip| 7.3.0.0| None| [_Download eFix_](<ftp://ftp.ecurep.ibm.com/fromibm/tivoli/efix_TADDM73_tomcat7077_201411291020_1.zip>) \nefix_TADDM722_tomcat7077_FP520160209.zip| 7.2.2.5 \n| None| [_Download eFix_](<ftp://ftp.ecurep.ibm.com/fromibm/tivoli/efix_TADDM722_tomcat7077_FP520160209.zip>) \n \nPlease get familiar with eFix readme in etc/<efix_name>_readme.txt \nNote that the eFix requires manual deletion of the external/apache-tomcat directory. \n\n## Workarounds and Mitigations\n\nThe solution is to upgrade TADDM to use Tomcat version 7.0.77 \n \neFixes are prepared on top of the latest FixPack release, but if there were any custom changes made in a previous version of Apache Tomcat, please reapply them after the upgrade is finished.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-06-17T15:39:42", "type": "ibm", "title": "Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-8745"], "modified": "2018-06-17T15:39:42", "id": "6B0A5599577E8CC081B38DC85FFC053A3E597118CD8108314778BA17EC91A265", "href": "https://www.ibm.com/support/pages/node/559615", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:39:27", "description": "## Summary\n\nOpenSSL is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7052_](<https://vulners.com/cve/CVE-2016-7052>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a missing CRL sanity check. By attempting to use CRLs, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117149_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117149>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2016-8610_](<https://vulners.com/cve/CVE-2016-8610>)** \nDESCRIPTION:** SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets during a SSL handshake. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118296_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118296>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\n * IBM Netezza Analytics 1.0.0 - 3.2.3.0\n\n## Remediation/Fixes\n\n \n\n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \n_IBM Netezza Analytics_| _3.2.4.0_| [_Link to Fix Central_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information+Management&product=ibm/Information+Management/Netezza+Applications&release=ANALYTICS_3.2&platform=All&function=fixId&fixids=3.2.4.0-IM-Netezza-ANALYTICS-fp116341>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-18T03:10:29", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in OpenSSL affect IBM Netezza Analytics", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-7052", "CVE-2016-8610"], "modified": "2019-10-18T03:10:29", "id": "E696B3CA5F178FD306B6388A56E29902BF7FB34F7E9DBB15469457C70EE0724C", "href": "https://www.ibm.com/support/pages/node/286421", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:49:57", "description": "## Summary\n\nOpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] outline several vulnerabilities affecting OpenSSL.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [CVE-2016-2182](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116342> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n\u00b7 IBM QRadar SIEM 7.2.n\n\n## Remediation/Fixes\n\n[\u00b7 _IBM QRadar/QRM/QVM/QRIF 7.2.8 Patch 4_](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=Linux&function=fixId&fixids=7.2.8-QRADAR-QRSIEM-20170224202650&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:50:42", "type": "ibm", "title": "Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to various CVE's", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-6302", "CVE-2016-6306"], "modified": "2018-06-16T21:50:42", "id": "E6A3CDDEC0E8C0243CCF6E3AE7AAC01B3BFAB2E4DCD3167478C7DABA96539284", "href": "https://www.ibm.com/support/pages/node/292981", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:52:24", "description": "## Summary\n\nIBM OpenPages GRC Platform has addressed potential security exposure due to multiple vulnerabilities in Apache Tomcat.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2017-6056_](<https://vulners.com/cve/CVE-2017-6056>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by a programming error in the servlet and JSP engine. A remote attacker could exploit this vulnerability to cause the server to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/122312_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/122312>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVE-ID**: [CVE-2017-5647](<https://vulners.com/cve/CVE-2017-5647>) \n**Description**: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error in the processing of pipelined requests in send file. An attacker could exploit this vulnerability to obtain sensitive information from the wrong response. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/124400_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124400>) for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n \n**CVEID:** [_CVE-2016-6816_](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119158_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n**CVEID:** [_CVE-2016-8735_](<https://vulners.com/cve/CVE-2016-8735>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119157_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119157>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n**CVEID:** [CVE-2016-0762](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118407> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-5018](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118406> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6794](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118405> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-6796](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118404> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-6797](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/118403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n \n\n\n## Affected Products and Versions\n\nIBM OpenPages GRC Platform version 7.1\n\n## Remediation/Fixes\n\nA fix has been created for each affected version of the named product. Download and install the fix as soon as possible. Fixes and installation instructions are provided at the URLs listed below: \n \n\n\n**Fix**| **Download URL** \n---|--- \nFor OpenPages GRC Platform **7.1.0 through 7.1.0.3 ** \n\\- Apply 7.1 Fix Pack 4 (7.1.0.4) or later| [_http://www.ibm.com/support/docview.wss?uid=swg24043897_](<http://www.ibm.com/support/docview.wss?uid=swg24043897>) \n \nFor OpenPages GRC Platform v7.0.x customers, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \n\n\n## Workarounds and Mitigations\n\nNone known, apply fixes.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:48:06", "type": "ibm", "title": "Security Bulletin: IBM OpenPages GRC Platform has addressed multiple Apache Tomcat vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-8735", "CVE-2017-5647", "CVE-2017-6056"], "modified": "2018-06-15T23:48:06", "id": "AB8332BB49251697A40C4A181070CC821286458CE2114BD526688971705EBC0B", "href": "https://www.ibm.com/support/pages/node/296623", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T17:36:16", "description": "## Summary\n\nIBM Integrated Management Module (IMM) for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL.\n\n## Vulnerability Details\n\n**Summary**\n\nIBM Integrated Management Module (IMM) for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL.\n\n**Vulnerability Details**\n\n**CVEID:** [CVE-2016-2177](<https://vulners.com/cve/CVE-2016-2177>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash.\n\nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2179](<https://vulners.com/cve/CVE-2016-2179>)\n\n**Description:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2181](<https://vulners.com/cve/CVE-2016-2181>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116344> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6302](<https://vulners.com/cve/CVE-2016-6302>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.\n\nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**Affected products and versions**\n\nProduct | Affected Version \n---|--- \nIBM Integrated Management Module (IMM) for System x & BladeCenter | YUOO \n \n**Remediation/Fixes**\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nProduct | Fixed Version \n---|--- \nIBM Integrated Management Module (IMM) for System x & BladeCenter \nibm_fw_imm_yuooh4b-1.53_windows_32-64 \nibm_fw_imm_yuooh4b-1.53_linux_32-64 | YUOOH4B - 1.53 \n \n**Workarounds and Mitigations**\n\nNone.\n\n**References**\n\n * [Complete CVSS V3 Guide](<http://www.first.org/cvss/user-guide>)\n * [On-line Calculator V3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n05 June, 2017: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integrated Management Module (IMM) for System x & BladeCenter", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6306"], "modified": "2023-04-14T14:32:25", "id": "2CA5D41818E752F28081A75E5ED108A18F92F75F767B3E9B6E8AB54215538972", "href": "https://www.ibm.com/support/pages/node/868740", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:40:26", "description": "## Summary\n\nThere are multiple security vulnerabilies in WebSphere Application Server Community Edition.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2016-3092_](<https://vulners.com/cve/CVE-2016-3092>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/114336_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114336>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2016-0762_](<https://vulners.com/cve/CVE-2016-0762>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118407_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118407>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-5018_](<https://vulners.com/cve/CVE-2016-5018>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. An attacker could exploit this vulnerability using a Tomcat utility method to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118406_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118406>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6794_](<https://vulners.com/cve/CVE-2016-6794>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to obtain sensitive information, caused by an error in the system property replacement feature. An attacker could exploit this vulnerability to bypass the SecurityManager and read system properties. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118405_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118405>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6796_](<https://vulners.com/cve/CVE-2016-6796>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118404_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [_CVE-2016-6797_](<https://vulners.com/cve/CVE-2016-6797>)** \nDESCRIPTION:** Apache Tomcat could allow a local attacker to gain unauthorized access to the system, caused by an error in the ResourceLinkFactory. An attacker could exploit this vulnerability to gain access to arbitrary global JNDI resources. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118403_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118403>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n \n \n**CVEID:** [_CVE-2016-6816_](<https://vulners.com/cve/CVE-2016-6816>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119158_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119158>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n\n**CVEID:** [_CVE-2016-6817_](<https://vulners.com/cve/CVE-2016-6817>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119156_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119156>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-8735_](<https://vulners.com/cve/CVE-2016-8735>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119157_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119157>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n**CVEID:** [_CVE-2016-8745_](<https://vulners.com/cve/CVE-2016-8745>)** \nDESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat 8.5.x is refactored. An attacker could exploit this vulnerability to obtain the session ID and the response body. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119642_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119642>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2017-6056_](<https://vulners.com/cve/CVE-2017-6056>)** \nDESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by a programming error in the servlet and JSP engine. A remote attacker could exploit this vulnerability to cause the server to enter into an infinite loop. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/122312_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/122312>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\nWebSphere Application Server Community Edition 3.0.0.4\n\n## Remediation/Fixes\n\nIBM WebSphere Application Server Community Edition 3.0.0.4 is out of general support, customers with a support extension contract can contact IBM support to request the fix. \n\n## Workarounds and Mitigations\n\nnone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-30T07:48:35", "type": "ibm", "title": "Security Bulletin: Multiple Security vulnerabilities in WebSphere Application Server Community Edition", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-3092", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-6817", "CVE-2016-8735", "CVE-2016-8745", "CVE-2017-6056"], "modified": "2019-08-30T07:48:35", "id": "E19B380C2BF0F26DFDCBADD37C1B7D4A13ED463E7B4B4ECE7EEEC8895D5690CB", "href": "https://www.ibm.com/support/pages/node/559087", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T21:48:24", "description": "## Summary\n\nThere is a potential code execution vulnerability in WebSphere Application Server. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-5983_](<https://vulners.com/cve/CVE-2016-5983>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code with a serialized object from untrusted sources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116468_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116468>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-2183](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-6303](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117023> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2178](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-6306](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117112> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Application Server:\n\n * Liberty\n * Version 9.0\n * Version 8.5.5\n\n## Remediation/Fixes\n\nTo **patch an existing service instance** requires two steps: \n \n1\\. To update WebSphere Application Server refer to the IBM WebSphere Application Server bulletin listed below: \n \n[**Security Bulletin: Code execution vulnerability in WebSphere Application Server (CVE-2016-5983)**](<https://www-01.ibm.com/support/docview.wss?uid=swg21990060>)**. ** \n \n2\\. To apply the RHEL OS updates, run **yum update.** \n \nAlternatively, delete the vulnerable service instance and create a new instance. The new maintenance will be included.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-16T17:48:41", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2178", "CVE-2016-2180", "CVE-2016-2183", "CVE-2016-5983", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2018-08-16T17:48:41", "id": "A126A145E69CBBC87108F9848562481E6F22BB79D162EC867EB21CB2178D3468", "href": "https://www.ibm.com/support/pages/node/714779", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:38:41", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22, September 26, and November 10, 2016 by the OpenSSL Project. The DataDirect ODBC Drivers used by WebSphere Message Broker and IBM Integration Bus have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-7055_](<https://vulners.com/cve/CVE-2016-7055>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in a Broadwell-specific Montgomery multiplication procedure. By sending specially crafted data, a remote attacker could exploit this vulnerability to trigger errors in public-key operations in configurations where multiple remote clients select an affected EC algorithm and cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118748_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118748>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\nIBM Integration Bus V10, V9 \n\nWebSphere Message Broker V8\n\n## Remediation/Fixes\n\n \n**_For users of ODBC SSL using the DataDirect drivers:_** \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/Fix** \n---|---|---|--- \nIBM Integration Bus \n \n \n| V10 \n \n| IT17992 | The APAR is available in fix pack 10.0.0.8 \n<https://www.ibm.com/support/docview.wss?uid=swg24043443> \nIBM Integration Bus \n \n \n| V9 \n \n| IT17992 | The APAR is available in fix pack 9.0.0.7[](<https://www-304.ibm.com/support/docview.wss?uid=swg24042598>) \n<http://www-01.ibm.com/support/docview.wss?uid=swg24043227> \nWebSphere Message Broker | V8| IT17992 | An interim fix is available from IBM Fix Central \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT17992](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT17992>) \n \n \n_For unsupported versions of the product, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n \nThe planned maintenance release dates for WebSphere Message Broker and IBM Integration Bus are available at : \n[http://www.ibm.com/support/docview.wss?uid=swg27006308 ](<http://www.ibm.com/support/docview.wss?uid=swg27006308>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker and IBM Integration Bus", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6306", "CVE-2016-7055"], "modified": "2020-03-23T20:41:52", "id": "EF8F5D2176643F60AAACF896D63970A0820FAB5D2142D03834334DF645116BBD", "href": "https://www.ibm.com/support/pages/node/294569", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:38:41", "description": "## Summary\n\nOpenSSL\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3001OpenSSL Project\u3088\u308a2016\u5e74 9\u670822\u65e5\u30019\u670826\u65e5\u300111\u670810\u65e5\u306b\u305d\u308c\u305e\u308c\u516c\u8868\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002WebSphere Message Broker\u306a\u3089\u3073\u306bIBM Integration Bus\u306b\u3066\u4f7f\u7528\u3055\u308c\u3066\u3044\u308bDataDirect ODBC \u30c9\u30e9\u30a4\u30d0\u30fc\u306b\u5bfe\u3057\u3066\u8a72\u5f53\u3059\u308bCVE\u304c\u3042\u308a\u3001\u5bfe\u51e6\u3057\u3066\u304a\u308a\u307e\u3059\u3002\n\n## Vulnerability Details\n\n\u6700\u65b0\u306e\u60c5\u5831\u306f\u4e0b\u8a18\u306e\u6587\u66f8\uff08\u82f1\u8a9e\uff09\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002 \nSecurity Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker and IBM Integration Bus \n<http://www.ibm.com/support/docview.wss?uid=swg22000536> \n \n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** `OpenSSL\u306f\u3001MDC2_Update\u95a2\u6570\u306einteger\u306e\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306b\u3088\u3063\u3066\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u306b\u5bfe\u3059\u308b\u8106\u5f31\u6027\u3067\u3059\u3002\u672a\u77e5\u306e\u653b\u6483\u65b9\u6cd5\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u5916\u90e8\u306e\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u7bc4\u56f2\u5916\u306e\u66f8\u304d\u8fbc\u307f\u3092\u30c8\u30ea\u30ac\u30fc\u3057\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002` \nCVSS Base Score: 5.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** `OpenSSL\u306f\u3001crypto / bn / bn_print.c\u306eTS_OBJ_print_bio\u95a2\u6570\u306e\u7bc4\u56f2\u5916\u66f8\u304d\u8fbc\u307f\u306b\u3088\u3063\u3066\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u306b\u5bfe\u3059\u308b\u8106\u5f31\u6027\u3067\u3059\u3002\u5916\u90e8\u306e\u653b\u6483\u8005\u306f\u3001\u7279\u5225\u306b\u7d30\u5de5\u3055\u308c\u305f\u5024\u3092\u4f7f\u7528\u3057\u3066\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002` \nCVSS Base Score: 4.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** `OpenSSL\u306f\u3001\u30d2\u30fc\u30d7\u30d0\u30c3\u30d5\u30a1\u5883\u754c\u30c1\u30a7\u30c3\u30af\u306e\u305f\u3081\u306e\u30dd\u30a4\u30f3\u30bf\u7b97\u8853\u306e\u4e0d\u6b63\u306a\u4f7f\u7528\u306b\u3088\u3063\u3066\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u59a8\u5bb3\u306b\u5bfe\u3059\u308b\u8106\u5f31\u6027\u3067\u3059\u3002\u4e88\u671f\u305b\u306cmalloc\u306e\u52d5\u4f5c\u3092\u5229\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u5916\u90e8\u306e\u653b\u6483\u8005\u306f\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u3001integer\u306e\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u3092\u5f15\u304d\u8d77\u3053\u3057\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002` \nCVSS Base Score: 5.9 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** `OpenSSL\u306b\u30c7\u30b8\u30bf\u30eb\u7f72\u540d\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u306e\u5b9f\u88c5\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u4e0d\u7279\u5b9a\u306e\u30bf\u30a4\u30df\u30f3\u30b0\u3067\u3042\u308b\u7279\u5b9a\u306e\u64cd\u4f5c\u306b\u3088\u3063\u3066\u5916\u90e8\u304b\u3089\u6a5f\u5bc6\u60c5\u5831\u304c\u6f0f\u6d29\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002 `\n\n \n`\u653b\u6483\u8005\u306f\u3001\u30ad\u30e3\u30c3\u30b7\u30e5\u30bf\u30a4\u30df\u30f3\u30b0\u653b\u6483\u3092\u4f7f\u7528\u3057\u3066\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8DSA\u30ad\u30fc\u3092\u56de\u5fa9\u3067\u304d\u3066\u3057\u307e\u3044\u307e\u3059\u3002` \nCVSS Base Score: 5.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL\u306b\u3001\u8a3c\u660e\u66f8\u306e\u89e3\u6790\u6642\u306b\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u9577\u3055\u30c1\u30a7\u30c3\u30af\u3092\u8aa4\u3063\u3066\u3057\u307e\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u4e0d\u80fd\u306b\u306a\u3063\u3066\u3057\u307e\u3046\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002\n\n \n \n\u30ea\u30e2\u30fc\u30c8\u8a8d\u8a3c\u3055\u308c\u305f\u653b\u6483\u8005\u306f\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u3001\u7bc4\u56f2\u5916\u306e\u8aad\u307f\u53d6\u308a\u3092\u5f15\u304d\u8d77\u3053\u3057\u3001\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u3092\u5f15\u304d\u8d77\u3053\u3059\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL\u306bSSL / TLS\u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u4e00\u90e8\u3068\u3057\u3066\u4f7f\u7528\u3055\u308c\u308bDES / 3DES\u6697\u53f7\u306b\u554f\u984c\u304c\u3042\u308a\u3001 \u5916\u90e8\u653b\u6483\u8005\u306f\u6a5f\u5bc6\u60c5\u5831\u3092\u53d6\u5f97\u3067\u304d\u3066\u3057\u307e\u3046\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u5927\u91cf\u306e\u6697\u53f7\u5316\u3055\u308c\u305f\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u3092SSL / TLS\u30b5\u30fc\u30d0\u30fc\u3068\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u9593\u3067\u30ad\u30e3\u30d7\u30c1\u30e3\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u4e2d\u9593\u8005\u306e\u653b\u6483\u3092\u884c\u3046\u3053\u3068\u304c\u3067\u304d\u308b\u5916\u90e8\u653b\u6483\u8005\u304c\u3053\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u5e73\u6587\u30c7\u30fc\u30bf\u306b\u56de\u5fa9\u3055\u305b\u3001\u6a5f\u5bc6\u60c5\u5831\u3092\u53d6\u5f97\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u306fSWEET32 \u8a95\u751f\u65e5\u653b\u6483\u3068\u547c\u3070\u308c\u307e\u3059\u3002 \nCVSS Base Score: 3.7 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-7055_](<https://vulners.com/cve/CVE-2016-7055>)** \nDESCRIPTION:** OpenSSL\u306b\u3001Broadwell\u56fa\u6709\u306e\u30e2\u30f3\u30b4\u30e1\u30ea\u4e57\u7b97\u306e\u554f\u984c\u306b\u3088\u3063\u3066\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u5916\u90e8\u653b\u6483\u8005\u306f\u3001\u7279\u5225\u306b\u7d30\u5de5\u3055\u308c\u305f\u30c7\u30fc\u30bf\u3092\u9001\u4fe1\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u3001\u8907\u6570\u306e\u30ea\u30e2\u30fc\u30c8\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308bEC\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u9078\u629e\u3057\u3001\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u3092\u5f15\u304d\u8d77\u3053\u3059\u3088\u3046\u306a\u69cb\u6210\u3067\u516c\u958b\u30ad\u30fc\u64cd\u4f5c\u306e\u30a8\u30e9\u30fc\u3092\u5f15\u304d\u8d77\u3053\u3059\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002 \nCVSS Base Score: 5.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118748_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118748>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n## Affected Products and Versions\n\n\u6b21\u306e\u88fd\u54c1\u30fb\u30d0\u30fc\u30b8\u30e7\u30f3\u3067\u5f71\u97ff\u304c\u3042\u308a\u307e\u3059\u3002 \n \nIBM Integration Bus V9, V10 \n\nWebSphere Message Broker V8\n\n## Remediation/Fixes\n\n**\u88fd\u54c1\u540d**\n\n| **\u30d0\u30fc\u30b8\u30e7\u30f3**| **APAR**| **Remediation/Fix** \n---|---|---|--- \nIBM Integration Bus \n \n| V10 \n| IT17992 | Fixpack8\u306b\u3066\u4fee\u6b63\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002The APAR is available in fix pack 10.0.0.8_ \n_[_https://www.ibm.com/support/docview.wss?uid=swg24043443_](<https://www.ibm.com/support/docview.wss?uid=swg24043443>) \nIBM Integration Bus \n \n| V9 \n| IT17992 | Fixpack7\u306b\u3066\u4fee\u6b63\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002The APAR is available in fix pack 9.0.0.7[](<https://www-304.ibm.com/support/docview.wss?uid=swg24042598>)_ \n_[_http://www-01.ibm.com/support/docview.wss?uid=swg24043227_](<http://www-01.ibm.com/support/docview.wss?uid=swg24043227>) \nWebSphere Message Broker | V8| IT17992 | Interim fix\u304c\u63d0\u4f9b\u3055\u308c\u3066\u304a\u308a\u307e\u3059\u3002IBM Fix Central\u304b\u3089\u5165\u624b\u3067\u304d\u307e\u3059\u3002 _ \n_[_http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT17992_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT17992>) \n \n## Workarounds and Mitigations\n\n\u3042\u308a\u307e\u305b\u3093\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: OpenSSL\u306b\u3042\u308b\u8907\u6570\u306e\u8106\u5f31\u6027\u306eWebSphere Message Broker\u3068IBM Integration Bus\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6306", "CVE-2016-7055"], "modified": "2020-03-23T20:41:52", "id": "CF387EA027623942683EFC747D5E8C53C455A7B39987E11DF2162158A50271EA", "href": "https://www.ibm.com/support/pages/node/295259", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:46:00", "description": "## Summary\n\nMultiple vulnerabilities in OpenSSL leave IBM MessageSight vulnerable to a denial of service.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-7052_](<https://vulners.com/cve/CVE-2016-7052>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a missing CRL sanity check. By attempting to use CRLs, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117149_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117149>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM MessageSight\n\n| v1.1 - 1.1.0.1 \n---|--- \nIBM MessageSight| v1.2 \u2013 1.2.0.3 \n \n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM MessageSight_| \n\n_1.2_\n\n| \n\n_IT19404_\n\n| \n\n[_1.2.0.3-IBM-IMA-IFIT19404_](<http://www.ibm.com/support/docview.wss?uid=swg21999574>) \n \n_IBM MessageSight_| \n\n_1.1_\n\n| \n\n_IT19404_\n\n| \n\n[_1.1.0.1-IBM-IMA-IFIT19404_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.1.0.1-IBM-IMA-IFIT19404&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T15:36:58", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2016-6303, CVE-2016-2182, CVE-2016-2178, CVE-2016-6306, CVE-2016-2183, CVE-2016-2177, CVE-2016-7052)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6303", "CVE-2016-6306", "CVE-2016-7052"], "modified": "2018-06-17T15:36:58", "id": "D1B9345E7C0A3051B97AF8EB65F3D4BBDE1B65A53A7D35A8D108A09537C245F9", "href": "https://www.ibm.com/support/pages/node/292949", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:41:04", "description": "## Summary\n\nOpenSSL vulnerabilities were discolsed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by multiple memory leaks in t1_lib.c during session renegotiation. By sending an overly large OCSP Status Request extension, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6305_](<https://vulners.com/cve/CVE-2016-6305>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in SSL_peek(). By sending specially crafted data, a remote authenticated attacker could exploit this vulnerability to cause the service to hang. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117111_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117111>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6307_](<https://vulners.com/cve/CVE-2016-6307>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error in the logic prior to the excessive message length check. By initiating multiple connection attempts, a remote authenticated attacker could send an overly large message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117113_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117113>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6308_](<https://vulners.com/cve/CVE-2016-6308>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error in dtls1_preprocess_fragment() prior to the excessive message length check. By initiating multiple connection attempts, a remote authenticated attacker could send an overly large DTLS message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117114_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117114>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SmartCloud Entry Hyper-V Agent 3.1.0 through 3.1.0.4 interim fix 3, \n\nIBM SmartCloud Entry Hyper-V Agent 3.2.0 through 3.2.0.4 interim fix3,\n\nIBM Cloud Manager with OpenStack Hyper-V Agent 4.1.0 thorugh 4.1.0.5,\n\nIBM tCloud Manager with OpenStack Hyper-V Agent 4.3.0 through 4.3.0.7\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_SmartCloud Entry_| _3.1_| _None_| IBM SmartCloud Entry 3.1 Hyper-V Agent interim fix 4 for fix pack 4 : \n[](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_HYPV-IF004&source=SAR>)[`_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_HYPV-IF004&source=SAR_`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.1.0.4-IBM-SCE_HYPV-IF004&source=SAR>)[](<https://www-304.ibm.com/support/docview.wss?uid=swg24029672>) \nSmartCloud Entry| 3.2| None| IBM SmartCloud Entry 3.2 Hyper-V Agent interim fix 4 for fix pack 4 : \n[](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_HYPV-IF004&source=SAR>)[`_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_HYPV-IF004&source=SAR_`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+SmartCloud+Entry&fixids=3.2.0.4-IBM-SCE_HYPV-IF004&source=SAR>) \nIBM Cloud Manager | 4.1| None| IBM Cloud Manager with OpenStack 4.1 Hyper-V Agent interim fix 1 for fix pack 5: \n[`_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.1.0.5-IBM-CMWO_HYPV-IF001&source=SAR_`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.1.0.5-IBM-CMWO_HYPV-IF001&source=SAR>) \nIBM Cloud Manager | 4.3| None| IBM Cloud Manager with OpenStack 4.3 Hyper-V Agent fix pack 8: \n[`_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.3.0.8-IBM-CMWO_HYPV-FP08&source=SAR_`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.3.0.8-IBM-CMWO_HYPV-FP08&source=SAR>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-19T00:49:12", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6305", "CVE-2016-6306", "CVE-2016-6307", "CVE-2016-6308"], "modified": "2020-07-19T00:49:12", "id": "142CC78D456D60E4C1854BC0E93F8802FF4122A7CF6BFD85E457671E02B96A45", "href": "https://www.ibm.com/support/pages/node/631901", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:45:24", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4. IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-6309_](<https://vulners.com/cve/CVE-2016-6309>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a use-after-free when handling message sizes. By sending an overly large message, a remote attacker could exploit this vulnerability to possibly execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117148_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117148>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-7052_](<https://vulners.com/cve/CVE-2016-7052>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a missing CRL sanity check. By attempting to use CRLs, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117149_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117149>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \nCVE-ID: [_CVE-2016-8610_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118296>) \nDescription: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets during a SSL handshake. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base Score: 7.500 \nCVSS Temporal Score: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/118296_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118296>) for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\n**IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 **\n\n## Remediation/Fixes\n\nIBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 \n\n| IV90315| Please call IBM service and reference APAR IV90315, to obtain a fix. Only HTTPS Support for Perl Collector Install is affected. \n---|---|--- \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T15:28:49", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 - HTTPS support for Perl Collector", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6309", "CVE-2016-7052", "CVE-2016-8610"], "modified": "2018-06-17T15:28:49", "id": "F4B54AA8642264D84C83C50AC6EDE073C6E0DF84951C7BE4C0C739B701EA41CE", "href": "https://www.ibm.com/support/pages/node/551901", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:42:53", "description": "## Summary\n\nOpenSSL is used by IBM i. IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-6302_](<https://vulners.com/cve/CVE-2016-6302>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation of the ticket length by the tls_decrypt_ticket function A remote attacker could exploit this vulnerability using a ticket that is too short to cause a denial of service. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117024_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117024>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n \n\n\n**CVEID:** [_CVE-2016-6304_](<https://vulners.com/cve/CVE-2016-6304>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By repeatedly requesting renegotiation, a remote authenticated attacker could send an overly large OCSP Status Request extension to consume all available memory resources. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117110_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117110>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-6305_](<https://vulners.com/cve/CVE-2016-6305>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in SSL_peek(). By sending specially crafted data, a remote authenticated attacker could exploit this vulnerability to cause the service to hang. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117111_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117111>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-6303_](<https://vulners.com/cve/CVE-2016-6303>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in the MDC2_Update function. By using unknown attack vectors, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117023_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117023>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2182_](<https://vulners.com/cve/CVE-2016-2182>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds write in the TS_OBJ_print_bio function in crypto/bn/bn_print.c. A remote attacker could exploit this vulnerability using a specially crafted value to cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116342_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116342>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2180_](<https://vulners.com/cve/CVE-2016-2180>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/115829_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115829>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2177_](<https://vulners.com/cve/CVE-2016-2177>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks. By leveraging unexpected malloc behavior, a remote attacker could exploit this vulnerability to trigger an integer overflow and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2178_](<https://vulners.com/cve/CVE-2016-2178>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DSA implementation that allows the following of a non-constant time codepath for certain operations. An attacker could exploit this vulnerability using a cache-timing attack to recover the private DSA key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2179_](<https://vulners.com/cve/CVE-2016-2179>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted DTLS record fragments to fill up buffer queues, a remote attacker could exploit this vulnerability to open a large number of simultaneous connections and consume all available memory resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116343_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116343>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-6306_](<https://vulners.com/cve/CVE-2016-6306>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by missing message length checks when parsing certificates. A remote authenticated attacker could exploit this vulnerability to trigger an out-of-bounds read and cause a denial of service. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117112_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117112>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-6307_](<https://vulners.com/cve/CVE-2016-6307>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error in the logic prior to the excessive message length check. By initiating multiple connection attempts, a remote authenticated attacker could send an overly large message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117113_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117113>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-6308_](<https://vulners.com/cve/CVE-2016-6308>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error in dtls1_preprocess_fragment() prior to the excessive message length check. By initiating multiple connection attempts, a remote authenticated attacker could send an overly large DTLS message to exhaust all available memory resources. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117114_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117114>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2183_](<https://vulners.com/cve/CVE-2016-2183>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116337_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116337>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2181_](<https://vulners.com/cve/CVE-2016-2181>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error in the DTLS replay protection implementation. By sending a specially crafted sequence number, a remote attacker could exploit this vulnerability to cause valid packets to be dropped. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/116344_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116344>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nReleases 7.1, 7.2 and 7.3 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to IBM i. \n \nReleases 7.1, 7.2 and 7.3 of IBM i are supported and will be fixed. \n\n[_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>)\n\n \nThe IBM i PTF numbers are: \n \n**Release 7.1 \u2013 SI62623** \n**Release 7.2 & 7.3 \u2013 SI62622** \n \n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM i", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6305", "CVE-2016-6306", "CVE-2016-6307", "CVE-2016-6308"], "modified": "2019-12-18T14:26:38", "id": "4DCD65078718A8D516F2EEE878B45FE5D131D6C4D4010E935F3E6A750A6D9BB3", "href": "https://www.ibm.com/support/pages/node/667551", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "mageia": [{"lastseen": "2023-06-03T15:12:47", "description": "The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder (CVE-2016-0762). A malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications (CVE-2016-5018). It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges (CVE-2016-5425). It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges (CVE-2016-6325). When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible (CVE-2016-6794). A malicious web application was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet (CVE-2016-6796). The ResourceLinkFactory did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not (CVE-2016-6797). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2016-11-04T22:29:35", "type": "mageia", "title": "Updated tomcat packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-5425", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797"], "modified": "2016-11-04T22:29:35", "id": "MGASA-2016-0367", "href": "https://advisories.mageia.org/MGASA-2016-0367.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T15:12:47", "description": "Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic (CVE-2016-2177). Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code (CVE-2016-2178). Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS (CVE-2016-2179, CVE-2016-2181). Shi Lei discovered an out-of-bounds memory read in TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec() and MDC2_Update() (CVE-2016-2180, CVE-2016-2182, CVE-2016-6303). DES-based cipher suites are demoted from the HIGH group to MEDIUM as a mitigation for the SWEET32 attack (CVE-2016-2183). Shi Lei discovered that the use of SHA512 in TLS session tickets is susceptible to denial of service (CVE-2016-6302). Shi Lei discovered that excessively large OCSP status request may result in denial of service via memory exhaustion (CVE-2016-6304). Shi Lei discovered that missing message length validation when parsing certificates may potentially result in denial of service (CVE-2016-6306). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-11T22:12:20", "type": "mageia", "title": "Updated openssl packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"], "modified": "2016-10-11T22:12:20", "id": "MGASA-2016-0338", "href": "https://advisories.mageia.org/MGASA-2016-0338.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-12-12T06:02:46", "description": "This update for Tomcat provides the following fixes:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n - CVE-2016-6796: Manager Bypass (bsc#1007858)\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bugs fixed:\n - Fixed StringIndexOutOfBoundsException in WebAppClassLoaderBase.filter().\n (bsc#974407)\n - Fixed a deployment error in the examples webapp by changing the\n context.xml format to the new one introduced by Tomcat 8. (bsc#1004728)\n - Enabled optional setenv.sh script. See section '(3.4) Using the "setenv"\n script' in <a rel=\"nofollow\" href=\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\">http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt</a>.\n (bsc#1002639)\n - Fixed regression caused by CVE-2016-6816.\n\n", "cvss3": {}, "published": "2016-12-10T23:07:49", "type": "suse", "title": "Security update for tomcat (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2016-12-10T23:07:49", "id": "SUSE-SU-2016:3079-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00036.html", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:LOW/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-14T02:02:38", "description": "This update for Tomcat provides the following fixes:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n - CVE-2016-6796: Manager Bypass (bsc#1007858)\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bugs fixed:\n - Fixed StringIndexOutOfBoundsException in WebAppClassLoaderBase.filter().\n (bsc#974407)\n - Fixed a deployment error in the examples webapp by changing the\n context.xml format to the new one introduced by Tomcat 8. (bsc#1004728)\n - Enabled optional setenv.sh script. See section '(3.4) Using the "setenv"\n script' in <a rel=\"nofollow\" href=\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\">http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt</a>.\n (bsc#1002639)\n - Fixed regression caused by CVE-2016-6816.\n\n This update supplies the new packages apache-commons-pool2 and\n apache-commons-dbcp in version 2 to allow tomcat to use the DBCP 2.0\n interface.\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "cvss3": {}, "published": "2016-12-14T01:14:48", "type": "suse", "title": "Security update for tomcat (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2016-12-14T01:14:48", "id": "OPENSUSE-SU-2016:3129-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00059.html", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:LOW/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-14T02:02:38", "description": "This update for tomcat fixes the following issues:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n - CVE-2016-6796: Security Manager Bypass (bsc#1007858)\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bug fixes:\n - Enabled optional setenv.sh script. See section '(3.4) Using the "setenv"\n script' in <a rel=\"nofollow\" href=\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\">http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt</a>.\n (bsc#1002639)\n\n This update supplies the new packages apache-commons-pool2 and\n apache-commons-dbcp in version 2 to allow tomcat to use the DBCP 2.0\n interface.\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "cvss3": {}, "published": "2016-12-14T01:28:16", "type": "suse", "title": "Security update for tomcat (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2016-12-14T01:28:16", "id": "OPENSUSE-SU-2016:3144-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00061.html", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:LOW/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-12T06:02:47", "description": "This update for tomcat fixes the following issues:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n - CVE-2016-6796: Security Manager Bypass (bsc#1007858)\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bug fixes:\n - Enabled optional setenv.sh script. See section '(3.4) Using the "setenv"\n script' in <a rel=\"nofollow\" href=\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\">http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt</a>.\n (bsc#1002639)\n\n", "cvss3": {}, "published": "2016-12-10T23:11:58", "type": "suse", "title": "Security update for tomcat (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2016-12-10T23:11:58", "id": "SUSE-SU-2016:3081-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00038.html", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:LOW/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-27T20:38:58", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * allow >= 64GB AESGCM transfers (bsc#988591)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "cvss3": {}, "published": "2016-09-27T19:11:34", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-09-27T19:11:34", "id": "SUSE-SU-2016:2394-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-06T21:27:36", "description": "This update for openssl1 fixes the following issues:\n\n penSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "cvss3": {}, "published": "2016-10-06T20:11:44", "type": "suse", "title": "Security update for openssl1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-10-06T20:11:44", "id": "SUSE-SU-2016:2469-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-28T13:27:47", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * allow >= 64GB AESGCM transfers (bsc#988591)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "cvss3": {}, "published": "2016-09-28T12:10:35", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-09-28T12:10:35", "id": "OPENSUSE-SU-2016:2407-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T20:38:56", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * allow >= 64GB AESGCM transfers (bsc#988591)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "cvss3": {}, "published": "2016-09-26T19:10:10", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-09-26T19:10:10", "id": "SUSE-SU-2016:2387-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-27T12:38:56", "description": "This update for openssl fixes the following issues:\n\n\n OpenSSL Security Advisory [22 Sep 2016] (boo#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (boo#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (boo#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (boo#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (boo#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (boo#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (boo#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (boo#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (boo#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (boo#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (boo#995377)\n * Certificate message OOB reads (CVE-2016-6306) (boo#999668)\n\n More information can be found on\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n * update expired S/MIME certs (boo#979475)\n * allow >= 64GB AESGCM transfers (boo#988591)\n * fix crash in print_notice (boo#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (boo#995075)\n\n", "cvss3": {}, "published": "2016-09-27T11:09:12", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-09-27T11:09:12", "id": "OPENSUSE-SU-2016:2391-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-06T21:27:36", "description": "This update for compat-openssl098 fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Bugs fixed:\n * update expired S/MIME certs (bsc#979475)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "cvss3": {}, "published": "2016-10-06T20:09:29", "type": "suse", "title": "Security update for compat-openssl098 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-10-06T20:09:29", "id": "SUSE-SU-2016:2468-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-10-05T17:27:35", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Bugs fixed:\n * Update expired S/MIME certs (bsc#979475)\n * Fix crash in print_notice (bsc#998190)\n * Resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "cvss3": {}, "published": "2016-10-05T18:09:41", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-10-05T18:09:41", "id": "SUSE-SU-2016:2458-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-10-14T13:27:46", "description": "This update for compat-openssl098 fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Bugs fixed:\n * update expired S/MIME certs (bsc#979475)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2016-10-14T15:09:07", "type": "suse", "title": "Security update for compat-openssl098 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2016-10-14T15:09:07", "id": "OPENSUSE-SU-2016:2537-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2020-01-31T18:28:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-02-22T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tomcat (openSUSE-SU-2016:3144-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851503", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851503\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 15:16:02 +0100 (Wed, 22 Feb 2017)\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\", \"CVE-2016-6816\", \"CVE-2016-8735\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for tomcat (openSUSE-SU-2016:3144-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tomcat fixes the following issues:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n\n - CVE-2016-6796: Security Manager Bypass (bsc#1007858)\n\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bug fixes:\n\n - Enabled optional setenv.sh script. See section '(3.4) Using the 'setenv'\n script' in the linked documentation. (bsc#1002639)\n\n This update supplies the new packages apache-commons-pool2 and\n apache-commons-dbcp in version 2 to allow tomcat to use the DBCP 2.0\n interface.\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\");\n\n script_tag(name:\"affected\", value:\"tomcat on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:3144-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-dbcp\", rpm:\"apache-commons-dbcp~2.1.1~2.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-dbcp-javadoc\", rpm:\"apache-commons-dbcp-javadoc~2.1.1~2.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-pool2\", rpm:\"apache-commons-pool2~2.4.2~2.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-pool2-javadoc\", rpm:\"apache-commons-pool2-javadoc~2.4.2~2.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-el-3_0-api\", rpm:\"tomcat-el-3_0-api~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-embed\", rpm:\"tomcat-embed~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsp-2_3-api\", rpm:\"tomcat-jsp-2_3-api~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-servlet-3_1-api\", rpm:\"tomcat-servlet-3_1-api~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~8.0.36~4.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-14T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tomcat (openSUSE-SU-2016:3129-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-6816", "CVE-2016-5018", "CVE-2016-8735", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851455", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851455\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-12-14 05:55:01 +0100 (Wed, 14 Dec 2016)\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\", \"CVE-2016-6816\", \"CVE-2016-8735\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for tomcat (openSUSE-SU-2016:3129-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for Tomcat provides the following fixes:\n\n Feature changes:\n\n The embedded Apache Commons DBCP component was updated to version 2.0.\n (bsc#1010893 fate#321029)\n\n Security fixes:\n\n - CVE-2016-0762: Realm Timing Attack (bsc#1007854)\n\n - CVE-2016-5018: Security Manager Bypass (bsc#1007855)\n\n - CVE-2016-6794: System Property Disclosure (bsc#1007857)\n\n - CVE-2016-6796: Manager Bypass (bsc#1007858)\n\n - CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)\n\n - CVE-2016-8735: Remote code execution vulnerability in\n JmxRemoteLifecycleListener (bsc#1011805)\n\n - CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting\n invalid character in HTTP requests (bsc#1011812)\n\n Bugs fixed:\n\n - Fixed StringIndexOutOfBoundsException in WebAppClassLoaderBase.filter().\n (bsc#974407)\n\n - Fixed a deployment error in the examples webapp by changing the\n context.xml format to the new one introduced by Tomcat 8. (bsc#1004728)\n\n - Enabled optional setenv.sh script. See section '(3.4) Using the 'setenv'\n script' in the referenced documentation. (bsc#1002639)\n\n - Fixed regression caused by CVE-2016-6816.\n\n This update supplies the new packages apache-commons-pool2 and\n apache-commons-dbcp in version 2 to allow tomcat to use the DBCP 2.0\n interface.\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"tomcat on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:3129-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-dbcp\", rpm:\"apache-commons-dbcp~2.1.1~2.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-dbcp-javadoc\", rpm:\"apache-commons-dbcp-javadoc~2.1.1~2.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-pool2\", rpm:\"apache-commons-pool2~2.4.2~2.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-pool2-javadoc\", rpm:\"apache-commons-pool2-javadoc~2.4.2~2.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-el-3_0-api\", rpm:\"tomcat-el-3_0-api~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-embed\", rpm:\"tomcat-embed~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsp-2_3-api\", rpm:\"tomcat-jsp-2_3-api~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-servlet-3_1-api\", rpm:\"tomcat-servlet-3_1-api~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~8.0.32~11.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-3087-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842896", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842896", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-3087-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842896\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-23 05:42:26 +0200 (Fri, 23 Sep 2016)\");\n script_cve_id(\"CVE-2016-6304\", \"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\",\n \t\t\"CVE-2016-2180\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\",\n \t\t\"CVE-2016-6302\", \"CVE-2016-6303\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssl USN-3087-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Shi Lei discovered that OpenSSL incorrectly\n handled the OCSP Status Request extension. A remote attacker could possibly use\n this issue to cause memory consumption, resulting in a denial of service.\n (CVE-2016-6304)\n\nGuido Vranken discovered that OpenSSL used undefined behaviour when\nperforming pointer arithmetic. A remote attacker could possibly use this\nissue to cause OpenSSL to crash, resulting in a denial of service. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update.\n(CVE-2016-2177)\n\nCé sar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL\ndid not properly use constant-time operations when performing DSA signing.\nA remote attacker could possibly use this issue to perform a cache-timing\nattack and recover private DSA keys. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. A remote attacker could\npossibly use this issue to consume memory, resulting in a denial of\nservice. (CVE-2016-2179)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nTS_OBJ_print_bio() function. A remote attacker could possibly use this\nissue to cause a denial of service. (CVE-2016-2180)\n\nIt was discovered that the OpenSSL incorrectly handled the DTLS anti-replay\nfeature. A remote attacker could possibly use this issue to cause a denial\nof service. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. A\nremote attacker could possibly use this issue to cause a denial of service.\n(CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. A remote attacker could\npossibly use this flaw to obtain clear text data from long encrypted\nsessions. This update moves DES from the HIGH cipher list to MEDIUM.\n(CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths.\nA remote attacker could use this issue to cause a denial of service.\n(CVE-2016-6302)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nMDC2_Update() function. A remote attacker could possibly use this issue to\ncause a denial of service. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. A remote attacker could possibly use this issue to cause a\ndenial of service. (CVE-2016-6306)\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3087-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3087-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.20\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.20\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1-4ubuntu5.37\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1-4ubuntu5.37\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.2g-1ubuntu4.4\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.2g-1ubuntu4.4\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:34:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2016:2391-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851397", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851397", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851397\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-28 05:44:49 +0200 (Wed, 28 Sep 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\",\n \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2016:2391-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (boo#999665)\n\n Severity: High\n\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (boo#999666)\n\n Severity: Low\n\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (boo#982575)\n\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (boo#983249)\n\n * DTLS buffered message DoS (CVE-2016-2179) (boo#994844)\n\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (boo#990419)\n\n * DTLS replay protection DoS (CVE-2016-2181) (boo#994749)\n\n * OOB write in BN_bn2dec() (CVE-2016-2182) (boo#993819)\n\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (boo#995359)\n\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (boo#995324)\n\n * OOB write in MDC2_Update() (CVE-2016-6303) (boo#995377)\n\n * Certificate message OOB reads (CVE-2016-6306) (boo#999668)\n\n More information can be found on the referenced vendor advisory.\n\n * update expired S/MIME certs (boo#979475)\n\n * allow = 64GB AESGCM transfers (boo#988591)\n\n * fix crash in print_notice (boo#998190)\n\n * resume reading from /dev/urandom when interrupted by a signal\n (boo#995075)\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2391-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1k~2.39.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-24T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-3087-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842898", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842898", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-3087-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842898\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-24 05:38:36 +0200 (Sat, 24 Sep 2016)\");\n script_cve_id(\"CVE-2016-2182\", \"CVE-2016-6304\", \"CVE-2016-2177\", \"CVE-2016-2178\",\n\t\t\"CVE-2016-2179\", \"CVE-2016-2180\", \"CVE-2016-2181\", \"CVE-2016-2183\",\n\t\t\"CVE-2016-6302\", \"CVE-2016-6303\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssl USN-3087-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3087-1 fixed vulnerabilities in OpenSSL.\n The fix for CVE-2016-2182 was incomplete and caused a regression when parsing\n certificates. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nShi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request\nextension. A remote attacker could possibly use this issue to cause memory\nconsumption, resulting in a denial of service. (CVE-2016-6304)\nGuido Vranken discovered that OpenSSL used undefined behaviour when\nperforming pointer arithmetic. A remote attacker could possibly use this\nissue to cause OpenSSL to crash, resulting in a denial of service. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update.\n(CVE-2016-2177)\nCé sar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL\ndid not properly use constant-time operations when performing DSA signing.\nA remote attacker could possibly use this issue to perform a cache-timing\nattack and recover private DSA keys. (CVE-2016-2178)\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. A remote attacker could\npossibly use this issue to consume memory, resulting in a denial of\nservice. (CVE-2016-2179)\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nTS_OBJ_print_bio() function. A remote attacker could possibly use this\nissue to cause a denial of service. (CVE-2016-2180)\nIt was discovered that the OpenSSL incorrectly handled the DTLS anti-replay\nfeature. A remote attacker could possibly use this issue to cause a denial\nof service. (CVE-2016-2181)\nShi Lei discovered that OpenSSL incorrectly validated division results. A\nremote attacker could possibly use this issue to cause a denial of service.\n(CVE-2016-2182)\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. A remote attacker could\npossibly use this flaw to obtain clear text data from long encrypted\nsessions. This update moves DES from the HIGH cipher list to MEDIUM.\n(CVE-2016-2183)\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths.\nA remote attacker could use this issue to cause a denial of service.\n(CVE-2016-6302)\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nMDC2_Update() function. A remote attacker could possibly use this issue to\ncause a denial of service. (CVE-2016-6303)\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. A remote attacker could possibly use this issue to cause a\ndenial of service. (CVE-2016-6306)\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3087-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3087-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.21\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.21\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1-4ubuntu5.38\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1-4ubuntu5.38\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.2g-1ubuntu4.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.2g-1ubuntu4.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:36:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-29T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2016:2407-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851399", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851399", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851399\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-09-29 05:43:57 +0200 (Thu, 29 Sep 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\",\n \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2016:2407-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n Also following bugs were fixed:\n\n * update expired S/MIME certs (bsc#979475)\n\n * improve s390x performance (bsc#982745)\n\n * allow = 64GB AESGCM transfers (bsc#988591)\n\n * fix crash in print_notice (bsc#998190)\n\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2407-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1i~18.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:55:07", "description": "Several vulnerabilities were discovered\nin OpenSSL:\n\nCVE-2016-2177Guido Vranken discovered that OpenSSL uses undefined pointer\narithmetic. Additional information can be found at\nhttps://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/CVE-2016-2178 \nCesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\nleak in the DSA code.\n\nCVE-2016-2179 / CVE-2016-2181 \nQuan Luo and the OCAP audit team discovered denial of service\nvulnerabilities in DTLS.\n\nCVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303 \nShi Lei discovered an out-of-bounds memory read in\nTS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()\nand MDC2_Update().\n\nCVE-2016-2183 \nDES-based cipher suites are demoted from the HIGH group to MEDIUM\nas a mitigation for the SWEET32 attack.\n\nCVE-2016-6302 \nShi Lei discovered that the use of SHA512 in TLS session tickets\nis susceptible to denial of service.\n\nCVE-2016-6304 \nShi Lei discovered that excessively large OCSP status request may\nresult in denial of service via memory exhaustion.\n\nCVE-2016-6306 \nShi Lei discovered that missing message length validation when parsing\ncertificates may potentially result in denial of service.", "cvss3": {}, "published": "2016-09-22T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3673-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703673", "href": "http://plugins.openvas.org/nasl.php?oid=703673", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3673.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3673-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703673);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\",\n \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_name(\"Debian Security Advisory DSA 3673-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-09-22 00:00:00 +0200 (Thu, 22 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3673.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is part of the OpenSSL\nproject's implementation of the SSL and TLS cryptographic protocols for secure\ncommunication over the Internet.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 1.0.1t-1+deb8u4.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin OpenSSL:\n\nCVE-2016-2177Guido Vranken discovered that OpenSSL uses undefined pointer\narithmetic. Additional information can be found at\nhttps://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/CVE-2016-2178 \nCesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\nleak in the DSA code.\n\nCVE-2016-2179 / CVE-2016-2181 \nQuan Luo and the OCAP audit team discovered denial of service\nvulnerabilities in DTLS.\n\nCVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303 \nShi Lei discovered an out-of-bounds memory read in\nTS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()\nand MDC2_Update().\n\nCVE-2016-2183 \nDES-based cipher suites are demoted from the HIGH group to MEDIUM\nas a mitigation for the SWEET32 attack.\n\nCVE-2016-6302 \nShi Lei discovered that the use of SHA512 in TLS session tickets\nis susceptible to denial of service.\n\nCVE-2016-6304 \nShi Lei discovered that excessively large OCSP status request may\nresult in denial of service via memory exhaustion.\n\nCVE-2016-6306 \nShi Lei discovered that missing message length validation when parsing\ncertificates may potentially result in denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libssl-dev:amd64\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev:i386\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:amd64\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:i386\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl-dbgsym\", ver:\"1.0.1t-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:28", "description": "Several vulnerabilities were discovered\nin OpenSSL:\n\nCVE-2016-2177\nGuido Vranken discovered that OpenSSL uses undefined pointer\narithmetic.\n\nCVE-2016-2178\nCesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\nleak in the DSA code.\n\nCVE-2016-2179 / CVE-2016-2181\nQuan Luo and the OCAP audit team discovered denial of service\nvulnerabilities in DTLS.\n\nCVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303\nShi Lei discovered an out-of-bounds memory read in\nTS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()\nand MDC2_Update().\n\nCVE-2016-2183\nDES-based cipher suites are demoted from the HIGH group to MEDIUM\nas a mitigation for the SWEET32 attack.\n\nCVE-2016-6302\nShi Lei discovered that the use of SHA512 in TLS session tickets\nis susceptible to denial of service.\n\nCVE-2016-6304\nShi Lei discovered that excessively large OCSP status request may\nresult in denial of service via memory exhaustion.\n\nCVE-2016-6306\nShi Lei discovered that missing message length validation when parsing\ncertificates may potentially result in denial of service.", "cvss3": {}, "published": "2016-09-22T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3673-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703673", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703673", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3673.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3673-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703673\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\",\n \"CVE-2016-6303\", \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_name(\"Debian Security Advisory DSA 3673-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-22 00:00:00 +0200 (Thu, 22 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3673.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 1.0.1t-1+deb8u4.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin OpenSSL:\n\nCVE-2016-2177\nGuido Vranken discovered that OpenSSL uses undefined pointer\narithmetic.\n\nCVE-2016-2178\nCesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\nleak in the DSA code.\n\nCVE-2016-2179 / CVE-2016-2181\nQuan Luo and the OCAP audit team discovered denial of service\nvulnerabilities in DTLS.\n\nCVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303\nShi Lei discovered an out-of-bounds memory read in\nTS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()\nand MDC2_Update().\n\nCVE-2016-2183\nDES-based cipher suites are demoted from the HIGH group to MEDIUM\nas a mitigation for the SWEET32 attack.\n\nCVE-2016-6302\nShi Lei discovered that the use of SHA512 in TLS session tickets\nis susceptible to denial of service.\n\nCVE-2016-6304\nShi Lei discovered that excessively large OCSP status request may\nresult in denial of service via memory exhaustion.\n\nCVE-2016-6306\nShi Lei discovered that missing message length validation when parsing\ncertificates may potentially result in denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libssl-dev:amd64\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev:i386\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:amd64\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:i386\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl-dbgsym\", ver:\"1.0.1t-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:36:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-10-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for compat-openssl098 (openSUSE-SU-2016:2537-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851412", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851412\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-15 05:53:17 +0200 (Sat, 15 Oct 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2181\",\n \"CVE-2016-2182\", \"CVE-2016-2183\", \"CVE-2016-6302\", \"CVE-2016-6303\",\n \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for compat-openssl098 (openSUSE-SU-2016:2537-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'compat-openssl098'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for compat-openssl098 fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on the linked vendor advisory.\n\n Bugs fixed:\n\n * update expired S/MIME certs (bsc#979475)\n\n * fix crash in print_notice (bsc#998190)\n\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n This update was imported from the SUSE:SLE-12:Update update project.\");\n\n script_tag(name:\"affected\", value:\"compat-openssl098 on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:2537-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl098-debugsource\", rpm:\"compat-openssl098-debugsource~0.9.8j~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8j~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8j~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:44", "description": "Check the version of openssl", "cvss3": {}, "published": "2016-10-05T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2016:1940 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882569", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882569", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2016:1940 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882569\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-05 15:43:10 +0530 (Wed, 05 Oct 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-6302\", \"CVE-2016-6304\",\n \"CVE-2016-6306\", \"CVE-2016-2183\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2016:1940 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\nSecure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols,\nas well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n * It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. A\nlocal attacker could possibly use this flaw to obtain a private DSA key\nbelonging to another user or service running on the same system.\n(CVE-2016-2178)\n\n * It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory.\n(CVE-2016-2179)\n\n * A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n * An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n * A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string.\nFuture updates may move them to MEDIUM or not enable them by default.\n\n * An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remote attacker could use this\nflaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for\nsession tickets. (CVE-2016-6302)\n\n * Multiple integer overflow f ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1940\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-September/022098.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~48.el6_8.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~48.el6_8.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~48.el6_8.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~48.el6_8.3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-10-05T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2016:1940-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871663", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871663", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2016:1940-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871663\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-05 15:43:03 +0530 (Wed, 05 Oct 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-6302\", \"CVE-2016-6304\",\n \"CVE-2016-6306\", \"CVE-2016-2183\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2016:1940-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\nSecure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well\nas a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n * It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. A\nlocal attacker could possibly use this flaw to obtain a private DSA key\nbelonging to another user or service running on the same system.\n(CVE-2016-2178)\n\n * It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory.\n(CVE-2016-2179)\n\n * A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n * An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n * A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string.\nFuture updates may move them to MEDIUM or not enable them by default.\n\n * An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remo ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"openssl on\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:1940-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-September/msg00029.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.el7_2.7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~51.el7_2.7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.el7_2.7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.el7_2.7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~48.el6_8.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~48.el6_8.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~48.el6_8.3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:52", "description": "Check the version of openssl", "cvss3": {}, "published": "2016-09-29T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2016:1940 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882566", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882566", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2016:1940 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882566\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-29 05:43:25 +0200 (Thu, 29 Sep 2016)\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-6302\", \"CVE-2016-6304\",\n \"CVE-2016-6306\", \"CVE-2016-2183\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2016:1940 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\nSecure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols,\nas well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n * It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. A\nlocal attacker could possibly use this flaw to obtain a private DSA key\nbelonging to another user or service running on the same system.\n(CVE-2016-2178)\n\n * It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory.\n(CVE-2016-2179)\n\n * A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n * An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n * A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string.\nFuture updates may move them to MEDIUM or not enable them by default.\n\n * An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remote attacker could use this\nflaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for\nsession tickets. (CVE-2016-6302)\n\n * Multiple integer overflow f ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:1940\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-September/022096.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.el7_2.7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.el7_2.7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.el7_2.7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~51.el7_2.7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~51.el7_2.7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:41:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2016-1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161047", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1047\");\n script_version(\"2020-01-23T10:40:46+0000\");\n script_cve_id(\"CVE-2016-2177\", \"CVE-2016-2178\", \"CVE-2016-2179\", \"CVE-2016-2180\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-6302\", \"CVE-2016-6304\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:40:46 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:40:46 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2016-1047)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1047\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1047\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2016-1047 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.(CVE-2016-2177)\n\nThe dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.(CVE-2016-2178)\n\nThe DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.(CVE-2016-2179)\n\nThe TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the 'openssl ts' command.(CVE-2016-2180)\n\nThe Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.(CVE-2016-2181)\n\nThe BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.(CVE-2016-2182)\n\nThe tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.(CVE-2016-6302)\n\nMultiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.(CVE-2016-6304)\n\nThe certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.(CVE-2016-6306)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.7\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.7\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.7\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2016-c1b01b9278", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-5425", "CVE-2016-6325", "CVE-2016-0762", "CVE-2016-5388", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810182", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2016-c1b01b9278\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810182\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:04:29 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5388\", \"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\",\n \"CVE-2016-6796\", \"CVE-2016-6797\", \"CVE-2016-5425\", \"CVE-2016-6325\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tomcat FEDORA-2016-c1b01b9278\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c1b01b9278\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKLL2TYSF35YFKF6JOELFKM53BYL4JI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.38~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2016-4094bd4ad6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-5425", "CVE-2016-6325", "CVE-2016-0762", "CVE-2016-5388", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2016-4094bd4ad6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810184\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:06:43 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-5388\", \"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\",\n \"CVE-2016-6796\", \"CVE-2016-6797\", \"CVE-2016-5425\", \"CVE-2016-6325\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tomcat FEDORA-2016-4094bd4ad6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4094bd4ad6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOEGHEDVEKGRMKYS6JG77SLPE77B55B\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.38~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2016-38e5b05260", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-5425", "CVE-2016-6325", "CVE-2016-0762", "CVE-2016-5388", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871971", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2016-38e5b05260\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871971\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:22:06 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5388\", \"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\", \"CVE-2016-6797\", \"CVE-2016-5425\", \"CVE-2016-6325\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tomcat FEDORA-2016-38e5b05260\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-38e5b05260\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFS2BJI4QFOEFD7TDDAJQCMXX77ZWNZ6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.38~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:55:30", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-755)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120744", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120744\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:28 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-755)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-755.html\");\n script_cve_id(\"CVE-2016-2179\", \"CVE-2016-2178\", \"CVE-2016-6302\", \"CVE-2016-2181\", \"CVE-2016-6306\", \"CVE-2016-2183\", \"CVE-2016-2182\", \"CVE-2016-2177\", \"CVE-2016-2180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1k~15.96.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~15.96.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~15.96.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1k~15.96.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1k~15.96.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:17", "description": "Multiple security vulnerabilities have\nbeen discovered in the Tomcat servlet and JSP engine, which may result in possible\ntiming attacks to determine valid user names, bypass of the SecurityManager,\ndisclosure of system properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.", "cvss3": {}, "published": "2016-11-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3720-1 (tomcat8 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703720", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703720", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3720.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3720-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703720\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_name(\"Debian Security Advisory DSA 3720-1 (tomcat8 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-21 00:00:00 +0100 (Mon, 21 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3720.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"tomcat8 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 8.0.14-1+deb8u4.\n\nWe recommend that you upgrade your tomcat8 packages.\");\n script_tag(name:\"summary\", value:\"Multiple security vulnerabilities have\nbeen discovered in the Tomcat servlet and JSP engine, which may result in possible\ntiming attacks to determine valid user names, bypass of the SecurityManager,\ndisclosure of system properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.14-1+deb8u4\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:50", "description": "Multiple security vulnerabilities have been\ndiscovered in the Tomcat servlet and JSP engine, which may result in possible timing\nattacks to determine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary file overwrites,\nand potentially escalation of privileges.", "cvss3": {}, "published": "2016-11-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3721-1 (tomcat7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703721", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703721", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3721.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3721-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703721\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_name(\"Debian Security Advisory DSA 3721-1 (tomcat7 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-21 00:00:00 +0100 (Mon, 21 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3721.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"tomcat7 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these\nproblems have been fixed in version 7.0.56-3+deb8u5.\n\nWe recommend that you upgrade your tomcat7 packages.\");\n script_tag(name:\"summary\", value:\"Multiple security vulnerabilities have been\ndiscovered in the Tomcat servlet and JSP engine, which may result in possible timing\nattacks to determine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary file overwrites,\nand potentially escalation of privileges.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.56-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-14T18:40:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-04T00:00:00", "type": "openvas", "title": "RedHat Update for tomcat RHSA-2017:2247-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310871857", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871857", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871857\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-08-04 12:46:46 +0530 (Fri, 04 Aug 2017)\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for tomcat RHSA-2017:2247-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for the\n Java Servlet and JavaServer Pages (JSP) technologies. The following packages\n have been upgraded to a later upstream version: tomcat (7.0.76). (BZ#1414895)\n Security Fix(es): * The Realm implementations did not process the supplied\n password if the supplied user name did not exist. This made a timing attack\n possible to determine valid user names. Note that the default configuration\n includes the LockOutRealm which makes exploitation of this vulnerability harder.\n (CVE-2016-0762) * It was discovered that a malicious web application could\n bypass a configured SecurityManager via a Tomcat utility method that was\n accessible to web applications. (CVE-2016-5018) * It was discovered that when a\n SecurityManager was configured, Tomcat's system property replacement feature for\n configuration files could be used by a malicious web application to bypass the\n SecurityManager and read system properties that should not be visible.\n (CVE-2016-6794) * It was discovered that a malicious web application could\n bypass a configured SecurityManager via manipulation of the configuration\n parameters for the JSP Servlet. (CVE-2016-6796) * It was discovered that it was\n possible for a web application to access any global JNDI resource whether an\n explicit ResourceLink had been configured or not. (CVE-2016-6797) Additional\n Changes: For detailed information on changes in this release, see the Red Hat\n Enterprise Linux 7.4 Release Notes linked from the References section.\");\n script_tag(name:\"affected\", value:\"tomcat on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:2247-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-August/msg00033.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-el-2.2-api\", rpm:\"tomcat-el-2.2-api~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-jsp-2.2-api\", rpm:\"tomcat-jsp-2.2-api~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-servlet-3.0-api\", rpm:\"tomcat-servlet-3.0-api~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~7.0.76~2.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-09-04T14:19:06", "description": "Multiple security vulnerabilities have been\ndiscovered in the Tomcat servlet and JSP engine, which may result in possible timing\nattacks to determine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary file overwrites,\nand potentially escalation of privileges.", "cvss3": {}, "published": "2016-11-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3721-1 (tomcat7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:703721", "href": "http://plugins.openvas.org/nasl.php?oid=703721", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3721.nasl 7026 2017-08-31 06:13:04Z asteins $\n# Auto-generated from advisory DSA 3721-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703721);\n script_version(\"$Revision: 7026 $\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_name(\"Debian Security Advisory DSA 3721-1 (tomcat7 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-08-31 08:13:04 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-11-21 00:00:00 +0100 (Mon, 21 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3721.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat7 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java Servlet\nand the JavaServer Pages (JSP) specifications from Sun Microsystems, and provides a\n'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these\nproblems have been fixed in version 7.0.56-3+deb8u5.\n\nWe recommend that you upgrade your tomcat7 packages.\");\n script_tag(name: \"summary\", value: \"Multiple security vulnerabilities have been\ndiscovered in the Tomcat servlet and JSP engine, which may result in possible timing\nattacks to determine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary file overwrites,\nand potentially escalation of privileges.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.56-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-05T18:37:51", "description": "This host is installed with Apache Tomcat\n and is prone to security bypass and information disclosure vulnerabilities.", "cvss3": {}, "published": "2017-08-11T00:00:00", "type": "openvas", "title": "Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310811298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811298", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811298\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-6794\", \"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_bugtraq_id(93940, 93944, 93939, 93942, 93943);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-08-11 14:49:43 +0530 (Fri, 11 Aug 2017)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Tomcat\n and is prone to security bypass and information disclosure vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error in the system property replacement feature for configuration files.\n\n - An error in the realm implementations in Apache Tomcat that does not process\n the supplied password if the supplied user name did not exist.\n\n - An error in the configured SecurityManager via a Tomcat utility method that\n is accessible to web applications.\n\n - An error in the configured SecurityManager via manipulation of the\n configuration parameters for the JSP Servlet.\n\n - An error in the ResourceLinkFactory implementation in Apache Tomcat that\n does not limit web application access to global JNDI resources to those\n resources explicitly linked to the web application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to gain access to potentially sensitive information and bypass\n certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9,\n Apache Tomcat versions 8.5.0 to 8.5.4,\n Apache Tomcat versions 8.0.0.RC1 to 8.0.36,\n Apache Tomcat versions 7.0.0 to 7.0.70, and\n Apache Tomcat versions 6.0.0 to 6.0.45 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache Tomcat version 9.0.0.M10\n or 8.5.5 or 8.0.37 or 7.0.72 or 6.0.47 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.72\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.47\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M10\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.5_and_8.0.37\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(tomPort = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:tomPort, exit_no_version:TRUE))\n exit(0);\n\nappVer = infos[\"version\"];\npath = infos[\"location\"];\n\nif(appVer =~ \"^6\\.\")\n{\n if(revcomp(a: appVer, b: \"6.0.47\") < 0){\n fix = \"6.0.47\";\n }\n}\n\nelse if(appVer =~ \"^7\\.\")\n{\n if(revcomp(a: appVer, b: \"7.0.72\") < 0){\n fix = \"7.0.72\";\n }\n}\n\nelse if(appVer =~ \"^8\\.5\\.\")\n{\n if(revcomp(a: appVer, b: \"8.5.5\") < 0){\n fix = \"8.5.5\";\n }\n}\n\nelse if(appVer =~ \"^8\\.\")\n{\n if(revcomp(a: appVer, b: \"8.0.37\") < 0){\n fix = \"8.0.37\";\n }\n}\n\nelse if(appVer =~ \"^9\\.\")\n{\n if(revcomp(a: appVer, b: \"9.0.0.M10\") < 0){\n fix = \"9.0.0.M10\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:appVer, fixed_version:fix, install_path:path);\n security_message(data:report, port:tomPort);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-09-04T14:18:33", "description": "Multiple security vulnerabilities have\nbeen discovered in the Tomcat servlet and JSP engine, which may result in possible\ntiming attacks to determine valid user names, bypass of the SecurityManager,\ndisclosure of system properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.", "cvss3": {}, "published": "2016-11-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3720-1 (tomcat8 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2017-08-31T00:00:00", "id": "OPENVAS:703720", "href": "http://plugins.openvas.org/nasl.php?oid=703720", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3720.nasl 7026 2017-08-31 06:13:04Z asteins $\n# Auto-generated from advisory DSA 3720-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703720);\n script_version(\"$Revision: 7026 $\");\n script_cve_id(\"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6794\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_name(\"Debian Security Advisory DSA 3720-1 (tomcat8 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-08-31 08:13:04 +0200 (Thu, 31 Aug 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-11-21 00:00:00 +0100 (Mon, 21 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3720.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"tomcat8 on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Tomcat implements the Java\nServlet and the JavaServer Pages (JSP) specifications from Oracle, and provides\na 'pure Java' HTTP web server environment for Java code to run.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 8.0.14-1+deb8u4.\n\nWe recommend that you upgrade your tomcat8 packages.\");\n script_tag(name: \"summary\", value: \"Multiple security vulnerabilities have\nbeen discovered in the Tomcat servlet and JSP engine, which may result in possible\ntiming attacks to determine valid user names, bypass of the SecurityManager,\ndisclosure of system properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.14-1+deb8u4\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-05T18:40:23", "description": "This host is installed with Apache Tomcat\n and is prone to security bypass and information disclosure vulnerabilities.", "cvss3": {}, "published": "2017-08-11T00:00:00", "type": "openvas", "title": "Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6796", "CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6797"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310811703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811703", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811703\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-6794\", \"CVE-2016-0762\", \"CVE-2016-5018\", \"CVE-2016-6796\",\n \"CVE-2016-6797\");\n script_bugtraq_id(93940, 93944, 93939, 93942, 93943);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-08-11 16:00:24 +0530 (Fri, 11 Aug 2017)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Tomcat Security Bypass and Information Disclosure Vulnerabilities (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Tomcat\n and is prone to security bypass and information disclosure vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error in the system property replacement feature for configuration files.\n\n - An error in the realm implementations in Apache Tomcat that does not process\n the supplied password if the supplied user name did not exist.\n\n - An error in the configured SecurityManager via a Tomcat utility method that\n is accessible to web applications.\n\n - An error in the configured SecurityManager via manipulation of the\n configuration parameters for the JSP Servlet.\n\n - An error in the ResourceLinkFactory implementation in Apache Tomcat that\n does not limit web application access to global JNDI resources to those\n resources explicitly linked to the web application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to gain access to potentially sensitive information and bypass\n certain security restrictions.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9,\n Apache Tomcat versions 8.5.0 to 8.5.4,\n Apache Tomcat versions 8.0.0.RC1 to 8.0.36,\n Apache Tomcat versions 7.0.0 to 7.0.70, and\n Apache Tomcat versions 6.0.0 to 6.0.45 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache Tomcat version 9.0.0.M10\n or 8.5.5 or 8.0.37 or 7.0.72 or 6.0.47 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.72\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.47\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M10\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.5_and_8.0.37\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(tomPort = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:tomPort, exit_no_version:TRUE))\n exit(0);\n\nappVer = infos[\"version\"];\npath = infos[\"location\"];\n\nif(appVer =~ \"^6\\.\")\n{\n if(revcomp(a: appVer, b: \"6.0.47\") < 0){\n fix = \"6.0.47\";\n }\n}\n\nelse if(appVer =~ \"^7\\.\")\n{\n if(revcomp(a: appVer, b: \"7.0.72\") < 0){\n fix = \"7.0.72\";\n }\n}\n\nelse if(appVer =~ \"^8\\.5\\.\")\n{\n if(revcomp(a: appVer, b: \"8.5.5\") < 0){\n fix = \"8.5.5\";\n }\n}\n\nelse if(appVer =~ \"^8\\.\")\n{\n if(revcomp(a: appVer, b: \"8.0.37\") < 0){\n fix = \"8.0.37\";\n }\n}\n\nelse if(appVer =~ \"^9\\.\")\n{\n if(revcomp(a: appVer, b: \"9.0.0.M10\") < 0){\n fix = \"9.0.0.M10\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:appVer, fixed_version:fix, install_path:path);\n security_message(data:report, port:tomPort);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-97454404fe", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-7052", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-97454404fe\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:14 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-6304\", \"CVE-2016-6306\", \"CVE-2016-6302\", \"CVE-2016-2179\",\n \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2180\", \"CVE-2016-2178\",\n \"CVE-2016-2177\", \"CVE-2016-7052\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-97454404fe\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-97454404fe\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4NE2Y22ZEWINQOU446KTTROYLEZAU2H\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2j~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-09-28T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-a555159613", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-7052", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809417", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-a555159613\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809417\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-28 06:03:34 +0200 (Wed, 28 Sep 2016)\");\n script_cve_id(\"CVE-2016-6304\", \"CVE-2016-6306\", \"CVE-2016-6302\", \"CVE-2016-2179\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2180\", \"CVE-2016-2178\", \"CVE-2016-2177\", \"CVE-2016-7052\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-a555159613\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-a555159613\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVK3T3ZCXM4Z6JIKCLBXRUEUBQKA3LKP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2j~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-64e0743e16", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-2178", "CVE-2016-6302", "CVE-2016-2177", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-7052", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871989", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871989", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-64e0743e16\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871989\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:22:45 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-6304\", \"CVE-2016-6306\", \"CVE-2016-6302\", \"CVE-2016-2179\", \"CVE-2016-2181\", \"CVE-2016-2182\", \"CVE-2016-2180\", \"CVE-2016-2178\", \"CVE-2016-2177\", \"CVE-2016-7052\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-64e0743e16\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-64e0743e16\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ONMKRXW4KFCDRJCCNX5UY46VXWTWEBA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2j~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:26", "description": "This host is running OpenSSL and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-26T00:00:00", "type": "openvas", "title": "OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-6302", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310107049", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107049", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mul_vul_dos_sep_16_win.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Windows)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107049\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2016-6306\", \"CVE-2016-6303\", \"CVE-2016-2181\", \"CVE-2016-6302\", \"CVE-2016-2182\",\n \"CVE-2016-2180\", \"CVE-2016-2179\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"creation_date\", value:\"2016-09-26 06:40:16 +0200 (Mon, 26 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_name(\"OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Windows)\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL suffers from the possibility of multiple vulnerabilities due to:\n\n 1) Missing message length checks which results in Out of Bounds reads up to 2 bytes beyond the allocated buffer, this leads to Denial of Service.\n The attack works only if client authentication is enabled.\n\n 2) Calling MDC2_Update() can cause an overflow if an attacker is able to supply very large amounts of input data after a previous\n call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.\n\n 3) A malfored SHA512 TLS session ticket resulting in an Out of Bounds read which leads to service crash.\n\n 4) Unchecking the return value of BN_div_word() function causing an Out of Bounds write if it is used with an overly large BIGNUM. TLS is not affected.\n\n 5) Misusing OBJ_obj2txt() function by the function TS_OBJ_print_bio() will results in Out of Bounds reads when large OIDs are presented.\n\n 6) DTLS out-of-order messages handling which enable an attacker to cause a DoS attack through memory exhaustion.\n\n 7) A flaw in the DTLS replay attack protection mechanism enabling the attacker to send records for next epochs with a very large sequence number,\n this causes in dropping all the subsequent legitimate packets and causing a denial of service for a specific DTLS connection.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Denial of Service.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.2 and 1.0.1.\");\n\n script_tag(name:\"solution\", value:\"OpenSSL 1.0.2 users should upgrade to 1.0.2i, OpenSSL 1.0.1 users should upgrade to 1.0.1u\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^(1\\.0\\.2)\" && version_is_less(version:vers, test_version:\"1.0.2i\"))\n{\n fix = \"1.0.2i\";\n VUL = TRUE;\n}\nelse if (vers =~ \"^(1\\.0\\.1)\" && version_is_less( version:vers, test_version:\"1.0.1u\"))\n{\n fix = \"1.0.1u\";\n VUL = TRUE;\n}\n\nif (VUL)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:10", "description": "This host is running OpenSSL and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-26T00:00:00", "type": "openvas", "title": "OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-6302", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-6303", "CVE-2016-2182", "CVE-2016-2179"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310107048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107048", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mul_vul_dos_sep_16_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Linux)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107048\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2016-6306\", \"CVE-2016-6303\", \"CVE-2016-2181\", \"CVE-2016-6302\", \"CVE-2016-2182\",\n \"CVE-2016-2180\", \"CVE-2016-2179\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"creation_date\", value:\"2016-09-26 06:40:16 +0200 (Mon, 26 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_name(\"OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities Sep 16 (Linux)\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL suffers from the possibility of multiple vulnerabilities due to:\n\n 1) Missing message length checks which results in Out of Bounds reads up to 2 bytes beyond the allocated buffer, this leads to Denial of Service. The attack works only if client authentication is enabled.\n\n 2) Calling MDC2_Update() can cause an overflow if an attacker is able to supply very large amounts of input data after a previous\n call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.\n\n 3) A malfored SHA512 TLS session ticket resulting in an Out of Bounds read which leads to service crash.\n\n 4) Unchecking the return value of BN_div_word() function causing an Out of Bounds write if it is used with an overly large BIGNUM. TLS is not affected.\n\n 5) Misusing OBJ_obj2txt() function by the function TS_OBJ_print_bio() will results in Out of Bounds reads when large OIDs are presented.\n\n 6) DTLS out-of-order messages handling which enable an attacker to cause a DoS attack through memory exhaustion.\n\n 7) A flaw in the DTLS replay attack protection mechanism enabling the attacker to send records for next epochs with a very large sequence number,\n this causes in dropping all the subsequent legitimate packets and causing a denial of service for a specific DTLS connection.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could result in Denial of Service.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL 1.0.2 and 1.0.1.\");\n\n script_tag(name:\"solution\", value:\"OpenSSL 1.0.2 users should upgrade to 1.0.2i, OpenSSL 1.0.1 users should upgrade to 1.0.1u\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^(1\\.0\\.2)\" && version_is_less(version:vers, test_version:\"1.0.2i\"))\n{\n fix = \"1.0.2i\";\n VUL = TRUE;\n}\nelse if (vers =~ \"^(1\\.0\\.1)\" && version_is_less( version:vers, test_version:\"1.0.1u\"))\n{\n fix = \"1.0.1u\";\n VUL = TRUE;\n}\n\nif (VUL)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-24T18:25:53", "description": "Package : tomcat7\nVersion : 7.0.28-4+deb7u7\nCVE ID : CVE-2016-0762 CVE-2016-5018 CVE-2016-6794\n CVE-2016-6796 CVE-2016-6797 CVE-2016-6816\n CVE-2016-8735\nDebian Bug : 841655 842662 842663 842664 842665 842666 845385\n\n\nMultiple security vulnerabilities have been discovered in the Tomcat\nservlet and JSP engine, which may result in possible timing attacks to\ndetermine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.\n\nIn addition this update further hardens Tomcat's init and maintainer\nscripts to prevent possible privilege escalations. Thanks to Paul\nSzabo for the report.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n7.0.28-4+deb7u7.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-01T22:56:06", "type": "debian", "title": "[SECURITY] [DLA 729-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-8735"], "modified": "2016-12-01T22:56:06", "id": "DEBIAN:DLA-729-1:1B0B9", "href": "https://lists.debian.org/debian-lts-announce/2016/12/msg00002.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-23T21:44:34", "description": "Package : tomcat7\nVersion : 7.0.28-4+deb7u7\nCVE ID : CVE-2016-0762 CVE-2016-5018 CVE-2016-6794\n CVE-2016-6796 CVE-2016-6797 CVE-2016-6816\n CVE-2016-8735\nDebian Bug : 841655 842662 842663 842664 842665 842666 845385\n\n\nMultiple security vulnerabilities have been discovered in the Tomcat\nservlet and JSP engine, which may result in possible timing attacks to\ndetermine valid user names, bypass of the SecurityManager, disclosure of\nsystem properties, unrestricted access to global resources, arbitrary\nfile overwrites, and potentially escalation of privileges.\n\nIn addition this update further hardens Tomcat's init and maintainer\nscripts to prevent possible privilege escalations. Thanks to Paul\nSzabo for the report.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n7.0.28-4+deb7u7.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-01T22:56:06", "type": "debian", "title": "[SECURITY] [DLA 729-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "base
Security Bulletin:Vulnerabilities in Apache Tomcat and OpenSSL affect Rational BuildForge
