Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)

2021-06-02T00:00:00

Description

The version of Tenable Log Correlation Engine (LCE) installed on the remote host is prior to 6.0.9. It is, therefore, affected by multiple vulnerabilities: - Multiple denial of service vulnerabilities in the included OpenSSL component. (CVE-2019-1551, CVE-2020-1967, CVE-2020-1971, CVE-2021-3449, CVE-2021-23840) - Multiple cross site scripting vulnerabilities in the included JQuery component. (CVE-2020-11022, CVE-2020-11023) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

{"id": "LCE_6_0_9.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)", "description": "The version of Tenable Log Correlation Engine (LCE) installed on the remote host is prior to 6.0.9. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple denial of service vulnerabilities in the included OpenSSL component. (CVE-2019-1551, CVE-2020-1967, CVE-2020-1971, CVE-2021-3449, CVE-2021-23840)\n\n - Multiple cross site scripting vulnerabilities in the included JQuery component. (CVE-2020-11022, CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2021-06-02T00:00:00", "modified": "2022-05-09T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "href": "https://www.tenable.com/plugins/nessus/150139", "reporter": "This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.tenable.com/security/tns-2021-10", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"], "cvelist": ["CVE-2019-1551", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1967", "CVE-2020-1971", "CVE-2021-23840", "CVE-2021-3449"], "immutableFields": [], "lastseen": "2022-05-24T16:38:36", "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY32.ASC", "OPENSSL_ADVISORY33.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4670", "ALSA-2020:4847", "ALSA-2020:5476", "ALSA-2021:1024", "ALSA-2021:1846", "ALSA-2021:4142", "ALSA-2021:4198", "ALSA-2021:4424"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-11022", "ALPINE:CVE-2020-11023"]}, {"type": "amazon", "idList": ["ALAS-2020-1456", "ALAS-2021-1482", "ALAS2-2020-1519", "ALAS2-2020-1573", "ALAS2-2021-1608", "ALAS2-2021-1612", "ALAS2-2021-1622", "ALAS2-2021-1626", "ALAS2-2021-1687"]}, {"type": "archlinux", "idList": ["ASA-202004-18", "ASA-202004-19", "ASA-202012-24", "ASA-202102-42", "ASA-202103-10"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CWD-5683", "ATLASSIAN:JRASERVER-72052", "CWD-5683", "JRASERVER-72052"]}, {"type": "attackerkb", "idList": ["AKB:22C3A43F-3CEE-464A-9C77-FEE26DBE757A", "AKB:7651D6FA-BDFA-4A6E-81F2-E5CF545CD088", "AKB:93D7F9FF-1F51-45C7-8172-B3E45415E966", "AKB:98773293-D092-495A-AD61-3E5439225950"]}, {"type": "centos", "idList": ["CESA-2020:3936", "CESA-2020:5566", "CESA-2021:3798"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0407", "CPAI-2020-1183"]}, {"type": "checkpoint_security", "idList": ["CPS:SK172983"]}, {"type": "cisco", "idList": ["CISCO-SA-OPENSSL-2021-GHY28DJD"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:177BD11FEDF3F89426E99286BC7DC46B", "CFOUNDRY:431A5FEB07A8E937BEDFD31D7F1BE817", "CFOUNDRY:5EA35272975027EBFB62DFE2535B7B4B", "CFOUNDRY:79AEA0CB72178344BEE07C9B9FEA86F0", "CFOUNDRY:BCFE0333C3F2E89FFDF11615D117C9AF"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134", "CLSA-2021:1632261785"]}, {"type": "cve", "idList": ["CVE-2019-1551", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1967", "CVE-2020-1971", "CVE-2021-23840", "CVE-2021-3449"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2492-1:77952", "DEBIAN:DLA-2493-1:D2596", "DEBIAN:DLA-2563-1:7D5FC", "DEBIAN:DLA-2563-1:B363B", "DEBIAN:DLA-2565-1:2FCB7", "DEBIAN:DLA-2565-1:CC1A3", "DEBIAN:DLA-2608-1:50303", "DEBIAN:DLA-2751-1:5F8DA", "DEBIAN:DLA-2952-1:7651B", "DEBIAN:DSA-4594-1:28CBC", "DEBIAN:DSA-4661-1:70270", "DEBIAN:DSA-4693-1:F5786", "DEBIAN:DSA-4807-1:1C1CB", "DEBIAN:DSA-4807-1:B0537", "DEBIAN:DSA-4855-1:4A0C0", "DEBIAN:DSA-4855-1:B091B", "DEBIAN:DSA-4875-1:829EF", "DEBIAN:DSA-4875-1:AE1B0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-1551", "DEBIANCVE:CVE-2020-11022", "DEBIANCVE:CVE-2020-11023", "DEBIANCVE:CVE-2020-1967", "DEBIANCVE:CVE-2020-1971", "DEBIANCVE:CVE-2021-23840", "DEBIANCVE:CVE-2021-3449"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CORE-2020-002"]}, {"type": "exploitdb", "idList": ["EDB-ID:49766", "EDB-ID:49767"]}, {"type": "f5", "idList": ["F5:K01251345", "F5:K02453220", "F5:K24624116", "F5:K42910051", "F5:K43798238", "F5:K66544153"]}, {"type": "fedora", "idList": ["FEDORA:3AEB830B2656", "FEDORA:5F36E6079A0D", "FEDORA:77A873096A19", "FEDORA:822D960BF257", "FEDORA:8514B6312F21", "FEDORA:86D5D3097097", "FEDORA:8C9CB30BDABD", "FEDORA:9BFED31347B3", "FEDORA:B0BBE6085FBF", "FEDORA:C7AFE309727E", "FEDORA:DBF7C3092516", "FEDORA:DC7DF3111B2E", "FEDORA:E700F3072E21"]}, {"type": "freebsd", "idList": ["012809CE-83F3-11EA-92AB-00163E433440", "08B553ED-537A-11EB-BE6E-0022489AD614", "1D56CFC5-3970-11EB-929D-D4C9EF517024", "1FB13175-ED52-11EA-8B93-001B217B3468", "2F3CD69E-7DEE-11EB-B92E-0022489AD614", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5A668AB3-8D86-11EB-B8D6-D4C9EF517024", "96A21236-707B-11EB-96D8-D4C9EF517024", "C0C1834C-9761-11EB-ACFD-0022489AD614", "CD2DC126-CFE4-11EA-9172-4C72B94353B5", "D778DDB0-2338-11EA-A1C7-B499BAEBFEAF", "E8483115-8B8E-11EA-BDCF-001B217B3468"]}, {"type": "gentoo", "idList": ["GLSA-202004-10", "GLSA-202007-03", "GLSA-202012-13", "GLSA-202103-03"]}, {"type": "github", "idList": ["GHSA-83MX-573X-5RW9", "GHSA-CQCC-MM6X-VMVW", "GHSA-GXR4-XJJ5-5PX2", "GHSA-JPCQ-CGW6-V4J6", "GHSA-JQ65-29V4-4X35", "GHSA-QGM6-9472-PWQ7", "GHSA-V73W-R9XG-7CR9"]}, {"type": "githubexploit", "idList": ["050B5540-E4D4-523F-A821-852F4E2CCDD8", "458891C6-0BE7-5AC1-8119-7DD6B0884A9A", "9D1AE9EC-AAED-5991-9F41-9458ABC7EFC3", "9E63B0B5-5583-5FC0-85B1-048296D9FC6A", "C0148A2C-75C9-5375-AE2F-DBEDCCD0999F", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3"]}, {"type": "hackerone", "idList": ["H1:1113025", "H1:874427"]}, {"type": "hp", "idList": ["HP:C06911998"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200715-01-OPENSSL"]}, {"type": "ibm", "idList": ["00433CAF266E39F063C2B039391891725D25992A193F3BAAA61C1BA35BEFE3BF", "00DD5060E6124BE4F25A4AF7DA83D15A52360F89A1F6A84F1ED9C6E28CD62833", "023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "02740F7656140577EDC311D3FA53C782BE9C2AFA138D94E3B0583A50F28424DA", "0319E4F01D8C2BB1E1D9CA642942762AB6D0486EE87445E505B6585BF79E6E34", "045B3221FB3BBC39DD70A158CACD0ACC0885A17A6B16F3CCA24E243D79A3DFB4", "05C711ADE626E71EEF208B57EB92611FB65BACFAC2E002E5DCF15BB16E425278", "06E45448DD54AD77E13A3A6CDF85E9A5C15F5881E8F05C1E5D3E72BA73F31BE8", "06FE50BE40FEE3497F0E530101C2633637A1990675C077F16FF2FB5E0F90CCF4", "092A5FFF63DF2D24AE105A3D4A7EFA1386A4FF9DBF7D2F354A30991E0CB4C671", "09991BD27DF134FB901D580D8AB22958816A72F1DA9169086D91AB2CCAA0D19E", "09B2AB76F2BDB96C1D80882C003F4EB4F06924E6DBF0BF3818CF83A2F0AF4B47", "0A2CC076E697047BEB801920E37078BA16894DE0A4DAB7A64E209E04A52ED4A7", "0A5B13C8983BE4491518367535A0427B2CBE5B0B75C8384C4657D2E9D8B12509", "0D15D47821CE302EE87F64871F16E8FAED0DF6B97568D7FF28129A9D318E1F27", "0ECBCAAF17194C060682E1B26E2EF9F8F8DA5EA1DAFDB2E39C320FF040DEBF75", "0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "1022F1A8652F556CC61338952DE52ECA055F8D74B75EE7AF0120EF547C2DEB6E", "14A887E26BDEB476941873D8603CE7056CDC1B2DDE8715BEE33CDC5E12E4CB69", "156A423D91231641B7B06703B06D394BB31F565A2A6E565DA370AE1DFE2E3F38", "17E2A2234B8EB1A1FD88875B4639DD7977B1A0F62BC6D5F9D6C40BAFB9288E47", "1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "1AD1D443A812E31635C257C107A94874F8B4C76399451E955FF84E25916790A9", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1DAFFF28AC34C8DA1A937E9644BE4D8E8B813CF125F13D52F12ED92015236660", "1E31E5192E10CAAECCFE249B0EEB57518F8681EB105FB477D1D108CDEEAD4DD9", "1FEA014B0C2FDFA9CD279E4CFD9E200E38418FF00A5DAAACDABABCEF7837D1FC", "205D8E291F00D69928AE2777BC3A52CC5094D59B30AB5BF479F77703C17C0EBE", "20763F2B27C66C722124CBB23FF4ECBE76431735E0AC6E1F94E8999CB3A2CB25", "2404E42A6AEF9D8505CDF5F29071088D46DB039426A35293F5767A7820D62316", "25397404A49A13F607BAB2C3AB213E098E878D383B3AD1E6FA8C841C89EA04A7", "25866EAC5116B5C36C790B49E143D8CC4258D3DCE1C90FBCAE80E34B6D66A383", "26D8B9BA25346A1142EC41EC455309415D14076E05E1C0FE94BCF3C77CFC130B", "29FEB4BC243AF3979A9988871B7F5C155C9D2A35DC7B74A7FF221E6D9E7BEA57", "2A203D8BF52DCAFF8B5E95996A1B55C43D9BF20BC5F58B0B4D388698819D6CF7", "2E58B569B4DB4763709C8CD7E2753A53378BB27D938664EE87B306305B546DAA", "2E99FBB731310229E5D67CCF834D84A3C63F588068BE4D2601929B95EFC9AA89", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "30A5CA62F6580AAFA852738DF5325C812D685A3292E94F7A9E759C1125E79A0A", "30FFFEA2FE2E4E9AF5ECA6DC17AE2B44C7349035512A5564E90395AD4D0D14BA", "333C119D3A0437BF92826DA551039CEEC4C96ACBE2B033BC949AB1809D25154B", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "34BD53EB31AD88FE6BCD0318A3283205983F8374B4E36C18A2AB87E881443510", "358DC0980F7932DD14B85959C6700782E8655CCB3063C8C48A71493831458384", "3617E5DB629BF3E4966913C6CBFB7FB0D83FD9726DE73DD22305E09D36598E97", "36565348F4E1B0CCDE0AADC411DA06910C9187D494E861656F2898FFF80CA633", "3751D59918B26EEDBAC0FEE1886D1A118A9D2105E993222B09C299A55F5D8424", "38673841651CC84F9C5F463EBAA4FCB1CD8DB260C4DB4DE5C5EB13515B8DE043", "386787210638336CC8A4D4477798C39C1093AF9F1749D0FFC4352CD55B67EECC", "390281289B3F4343A1E1F6452AD13173E9D0CC35AEA58C89794C77A0CF60DD5B", "3BA65632D2C38CB6B2155205BEF7E978F1A0061EDF59190756A9E0B8A31E73D6", "3F34AB5AA343AE750DDC18968E6F874BE99938ACC1A401B2E368156C6C827FD8", "40AB54AD406F2338CEDC99E69986ECDC190917A9D711E806EACC78563FDDE00D", "40FF55B5795EDDC89506253F7614F64D589E9F985162917C433828167306DB0E", "41E5114A4BDDC5721ED193477AF4D7766B975DA049CA337ACB35DD35514BD892", "441A6459C1CBE843EDD7F5C4D862AA7C6F90584EA901F82EF1B6D31B418078EB", "443D72A50EC70BB907313144DE326CBB62CC442B470D6915D9AFF2C8F6E0D2A6", "4462F68776C0B9CE996B1CDD6E1466E18E772BB0C1491F3161CE6D6FC1362DD3", "44AFDEAFD41860F69D32A81AF82FFCC07CB70BCD09283311989298641C60901F", "46408A14D896F2590474D3B129B44EA3EC035B71D283468445233579BDC6BEE8", "478179A4FF7D7F88209674CCCA14AA5E28599D1CB2F8DECF2A69F98F78B27118", "48743691B199137A582CC22605BCF99658033695C6D69E50041B31A074707355", "4C098F2F4DD25A03B6FD67587B106604BA4957943FBB7B66868AD8F6F9AEAA0C", "4C62280F93124FD0C7C5C20CA30CD4D137F1D0A9E1E35780DCDE98EDBCFD8B1B", "4CE1B2F6454C1BD94457E47D668B97B231076132166B23B18741F946099CC719", "4E39FDB5C241C26D4DD2BD5D0D87CEBA03C22671C2E86D53C726034AAB37EFD2", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "4E7FE0F1E30AF3FEDE3E69121DBC9B8ED2C0931A5F59643DDC7CCF633D093C6D", "4F8D39F3F464E5E9FD3000C317BC69CF4FEEE9F0605C69E62D810607C6BB87CD", "50AFB1284FA10D4E83AEFE409E8E05B67E7E2BCCAE0E467F68601455F164F5E3", "51B18D37F54E0E13CB87112E0323518D15B4E3A206BB32632FE2181BBF89BDC8", "534BE42CCFEBF334619AFF9C2FB1955CE0C058A0559E49A3D0C26AB6F743C73E", "53F32964A2275244A5F7A1D6BE61A50BA12236B3F5CF9F259D3080CEA722858F", "54C108178FEFCC2E097FAAE5C25ED91CFC0811D8F54A2518390833D0DCC7402A", "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "5817362CFEBEC3D97C56F71F58F7BAD39B11D1FC1BE175D82D99141AA79FD8BD", "5834E81AF46691B1D89090AAA05DF8D5F3F6ABF00015A6CCFC60814EADDADCF6", "599FD7C04A9861E581A0889B84F743CE6345EDB3A38453CDF55B29FBE0F03491", "5B9FE3466C6709549936B7AF9F0C0D4DCFCB7C692D0EEFEE7E0A64D8C6798193", "5CAD5D32258B6EBB72263ED99B6DE586C3A3347FA7743140740A1F7CC94CC9A8", "5CFA2CCBFE05295C7186239383AF12E6EC68C33A3ED0A1976150849CCB589A37", "5DC8FB040A584733A88E3C4FB30004B815F71BE1D0193C00019FE31037DC709D", "60534107EEBE1FC28BA7B5968A9A0C51CA6E5FDA395D6771A575BA502A8E6DD8", "63C0560C61FE9A9777F6402C4988E794A31F66C8118AFA944D2596065F5D0454", "64ADFD088203597B59C398AB3DEF28DC4F72D37A4C48C7FA81C6531EDA6A9877", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "65EC64A753CE4A7F6C9FBB3047D29A2833F1E56F4AB452D779D8436BA19B01F0", "687EF3D9E4C66E2EC0DD556D7C5488A09AD8CF69EA1010A9456E63DF45C0B64F", "6A618EAE42104251ED8BFD4A24087719BC5523571FCFED871C921517BEA0FE71", "6B9D154BCE10DADDC28B259A53CDE7ADF906DBCB05E8EF0696407EACF7A37CB7", "6BC9040B51F3B0282E132873A0D807E58D8450D20237A38329B62B37AB7F1BD6", "6CFD1F4E92DE674FABBF5CB0AB382F8E451BC50559AF2503871032E5B3345584", "6D4BC30FC7D54719CC8531DD40CAEF904411E8A769D791119C3658B78C353F56", "6DFE02E47206439339CF69003DED7C6A339BE8A9FDA6611EA300ACF64BDB9DD1", "73C56B324A2080FA9C0CB45D26C0A4523AA2C160E0E404D5B47EF65512D83AFF", "74F2A94336E51B0E3062906A1A2B7FB8CDE35DFD901789C840E3CE1DA62E9EF6", "7515461187DFB015988713DF2DBDEA4817C1389377BFCF2A0E37795D61EB76DF", "7673ECA7C26C82F326589C66582D68F7F87357B4FB250AD73DE7E7F5EC924344", "7712F0249FC574F5E6BB742100BF0E53D089C499325D28D0E2739DFD47B4CADA", "7976285C796BB636B28F14C5DA550AD74D4373A4D28EA23185C050910A0811C7", "7C01AFE6E64B43031575F0102FF010954F3B02AB92048869BDE2D0610503F56C", "7D158CE8DF0EAA9F8D32E562C6E3311BC04075EC6BE07466A648F40065F0CEAD", "7E1CB2FDA212C7A8FC0CCD8803720285F00C1F62F3E2628C7217A85BFA5FFBC8", "7E466DB7C3E6D0FD95B6290D6AABCA2CA5965052B0CC5CB552473151BFA7576F", "7EDC7E4A607AC78AB259E545462224179BA0B894DBBE1C19D52406785B960D30", "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "82D897D235CFB70936ACD9CA3E6034885E56EBCC4A41A67CD33F1077B9C80885", "841ABF9ADD122315E9FF98182FCCE868E8819519D3577D87A3CBDF6FFE75C0B5", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "89780D4585A20488FEED7686A5CA76A1831A95DB741EA06511648ED27850EC1B", "89BE9EE6717FD5FE5CAC882E73D515D8E83F7EB08EF93BE1CF98227C2B6807B1", "8A9DA62ACD0528EEF6577A7929613A497D58F78FF0E64379975CCC381DD42953", "8CB93770328F2819DE92FFEB5767258BAD5A547F304198FB72E85CAB4E4E55B4", "8CD12EF78572A4084B09F1DEB451D5D52F854099E5B1A1A30714B96E6F38483F", "8CF6A6FE2F39323B5977B7A87F227610F8DCFED21A1A2E55F1C1160FF28EB52E", "8D64F104C14AF2A33552E861AE403F451EDADB214820F820DA429C523DB6D464", "8F36292DD2EC673F77E7D26F88D6129155EA165304B1A957E549DC327B6DCB50", "90D59D207E240BE5AC750765C539B8ED7F5604D85518190296B85710EF6190ED", "914B3D8A3C96750F83A07447B8B437FD19FA6D91185D7E4959ABEC5B8EC2CC0B", "93D982A39132D6971EA07E3AA657EC8948513467BCB8FA924C2C3CDB21B10B29", "941A5FB04B6C4DF5F07E2FBC7A84EADD1A839385EC770AAC6BDFEF5BC82847D9", "94283DE0584ABF5D790E0534ED68F70746D7978ACD04057D9A9DAD20D45397A9", "956982A3E052293F0151836446E11BFC653A802D63CD0248D1D89A3EE15C0636", "95DB73F5A2D4EB11B85C362DCF03F9F8FC46C7CB97B1703FBB0155459B8D3286", "95F72A00E1A8D6C6435D5EA582DBD8F295F4C86F1D6773A4DD617BAD40C3247F", "979C1C302656B100A9230D67DC5FDA9D31E695FEDE62BEA27566840475B31B1B", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "97DAF9DC379788A0256F1282C0BACE119D9E6A9486647915DB7396CD37EB5480", "97DBA1E30952A387E9FFBBCBC4073EB22E406C0722006EEFFCFE53B1712D7E07", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "9A04620999F6A5C33EA2D706818867EC5FDA6193AE9CFACF3632E54A7A590B2D", "9A20509E1E544EB20A59DA9FC7AF82F400FE5F811F4BF6223A61E0E7FD269C22", "9C2F629D74A0CEB50295825F06E9E3F031D43FAA69C3940ECFB41EE6607361C2", "A21450CA46A13FB7D14123F07EF140C38F3E8D99CAA98E59F1BF8D289483212C", "A2D06FB3017FCE651EA8255C84E9C676D1204865B3375BA8E8B8F438AA9B7256", "A2E923A551C0F36BAC84848E053A3A93F2AC1141EB9D1739FE1D48A6684F5352", "A3AA1EABC04F772D5CDA8853B864F229765DC4A3D9C4B8F0FBF97542821DB5E9", "A5DABD1C1B1C58D900A9518CCA7EC1C03488CC2DF1750F65600D7F0C8E0E4763", "A5F646FF4C83A4B1D2C8B47FCAC3D208DF17454D859B9AB5DD63F0E74300162C", "A701AFC8C238BDFFC275CACF75BFA2343212CCA8077B0C43D13D17FB1392C9ED", "A77752C32B282EE01C2B264981C7DFDC7554CD9C1469D9E83E02A1B6F7E98B7C", "ACBA42A9F266755DB30CE35DBA1907FB61B1687AAD3415499AF5573BC67595AA", "AE3208EEE597DADD8531B516A96ADB9FF4C1017F9E86C776CEC09336A409AEEF", "AE395445C7C7240CD17B06CE58A20D98731AA33DE1AAF047F3A02C424CBD3F87", "AE43F70F3F5D62A658918CCC29799CE9BC8043632FD1B49352EA1394C508AEFE", "AED0F240DF3C88F319E3FB42ACD61D16097A82B46ED80B7D90B6C196F011838C", "AF755D0AFFE03556C8B9305D8915C03A01FE89F8467352FDCE443EF53F8AF11B", "B0528F9B036E05AC9A10262631DAF76C50D058E8380B936E9BB1177907389047", "B0DF32322CE6A2B6D1EC5D029C9322141A4F0B90F6393DD9417AE692DA63CE98", "B0FB4CCA6C2AAF4AE7DFA7516AE94640B71BE0BE346F669F7A4393C673251F3D", "B17F6EA32217517527CEC9840D03393C5EFC22D03E15D5F135A129A339DB07A0", "B28FD4A25B43EFD2C7450FB640D5515FCCE6BF18AB77452E913D7313263F803B", "B609D685D630C87BB458CB89A66B87A64831A7617912F7856869B7F1B264C40C", "B7BA5F69F24A628309DDEB4E2D3F14EFFC76E85846D015C3C74B090A1ADCD851", "B7D409E9A403BA9F7B31027D06EA38DD15E5D87F56D21161B5BA8A2053445315", "BB600B119BB0BCBE0C1A441D96B93496AC1319A4F50379AB81C6EC6E8A6222AF", "BDF8F6272DDC9AFF34CC149E66EE100802632EF6ECBB6A1F85ED4C5AAC63B956", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "BDFFEC82B2EDD09B2B9BBF108A0FF2E0545F478096EDDC6BB9309619F66D585B", "C09C5C1FD3C60B48E6AFE6C609BF568B8A996E541FEDA06CAD3678833B7435CF", "C1043F35FF1F630A47D32A8195A08331316B4A0E682E22CCC64ED3A8793D1A86", "C1E9DD1D5F56BE590CE67E5ACE9A370747957987F59BF2DE6CD477A299E8C37E", "C8E3076BF00DD8380618AD02C4DDA7DF7604CC6B6A724449CCB6A06853CAED2A", "CA1E3EFC07D22B2DA86595362931D640F30F757529856481F669DB4619DAD922", "CAD0AF0EEE65AC3FA6B204F1FFF00B9921F356F552AFDDA967C7307BEF52E7FF", "CB765B8720A2E211CEA709C71E6C4409A9A1FE0813B5C8FA4AE6417BE059E68A", "CBCC379563323EBE1812461205257622C05A3C7EB51AEE2176BCFB46533D2159", "CC1A4751363BAF070355299EF4837A7E17D105E504AC93B43A4CACBE41426035", "CC6DB3505939453FB542901C62C95B2A03B3815D8482DF559005310A267A606D", "CCFBBF17D9A696428033DD621D20DBA44A61CCB92DE126AC9B8A8CA1DDE1D0EB", "CD07568ED0ED0755A81F0FAAB2708FA8AAC3BA618A3434B98C44AA7ECD3EE952", "D16BB3B63F820806338161CA1080F3C27550FA2CD017A11E0C7250AB6C05CD77", "D1F42AA8CB20DBF23F25294AF1D5952B14F11D54D59A127F5802F150505DD446", "D4F9AE28EA501CF2A176391E0E920E7B7FC3A2D7D8CE5319FAE6CA44DF5B1E04", "D737A8C94C930B47803CAEB6FC01A6B08302D409FE64A0E40960433AFCACF7A4", "DB866DC8DC23646847AE5E9E25C02B2DF2A195A414B2734DCAA102E637957BAF", "DC103410561C74F2BE482D1DC9D39673C4CA0201FA7430A6DA0052ED558DCC5F", "DFB4A89370117A0C76AEBA610891449C199F7498B60521F9612F1A48A7736A6B", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23", "E3347BCB529A35601F044748C20F62BDDA272E18F4F99AF1DC1EC2079BD36858", "E3E29938D5D0031514AFE0A7E80C2513F25C4DCE6D5E26A93BE99C9CA93B0FEA", "E4B907FE5279D8C6CE8330CC79305C67649550BA06CF29D70ABB593E6074803D", "E5C9021CFF3428F4B3B0F66CCD3134EB51552CD8CB2E83DF36DD8403ADFA8179", "E7B4E1607446FED2E1EA3DED4F35354BBD746B762279FBE37A746CB69873BBAB", "E7CD7DB0F968EEE7B8FE20C80C08018385BAE3E1AD7510C813DD097869B900D5", "E8FB04B96E4922EE98A4E39A82665391B5E33FFBD84BF83FC189E8E9D5922FC8", "EBCAE79C78E25C53F68D6476B1A365416013A82CC75BAFBA0C65816EA47B537E", "EBD6110D65EB41702B40A5795DBF9BE4F150B84442976771BAD2D5EE26847349", "EC583EC959A2A069B275113A4307EA1C258F0306C4E67508A1300BE5A8431AC2", "ED796DA12F35B849EC739966324C81FE11BDCC6E2DCB25F912D4D4A08B754359", "EFC1B556A22098087C19B5342F262C1D63356C91A618DD58A453DF339E10D8AD", "F10F8D3E795F8FC960C9DE67D3C8A350C036905B85F3908BFE6956BF772DB36B", "F1A3DFA7EB79FE51E9EE40DE7EE818B3181F7D6FFEBD16C7E5DC5676556369E6", "F65F1D96E364841337F0770420AA39E180E57CF181628F15C7259D9D9A9E8BDD", "FA28CB50714C2E033435E17981D021316797914289ED09AB906E1A7CBA22C8A3", "FA8947935D7353A8494BB4E9213036F88B784759F33BB661330A2FD4F6E4F874", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4", "FD2209B7CB15638992B681C2106BFB54C56CAD087AEDD9B4249C0F8E7ADCB3D2", "FDE1BF635D60EE0CA8051E326BCA1EFB7C7E659B969B5B079432E17D2860391E", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "FE89F8E2C667D09C2C5C2208AC1E6F9525947B9E4A96A92CFD5C9D80113D73FB", "FEE45A44E8C46E13896C20C8C9B2A275C16E5652E4DF723FE4A044838B932DB1", "FFD20BDA9DC0CD5DDBF6748696EACE0D0B49FB850C5DF5A2ED65A12A1B79DB4F"]}, {"type": "ics", "idList": ["ICSA-21-306-01", "ICSA-21-336-06", "ICSA-22-055-02", "ICSA-22-069-09", "ICSA-22-097-01", "ICSA-22-104-05", "ICSA-22-116-01", "ICSA-22-130-06"]}, {"type": "joomla", "idList": ["JOOMLA-816"]}, {"type": "kaspersky", "idList": ["KLA12311"]}, {"type": "mageia", "idList": ["MGASA-2020-0023", "MGASA-2020-0465", "MGASA-2020-0467", "MGASA-2021-0108", "MGASA-2021-0176"]}, {"type": "mscve", "idList": ["MS:ADV200007", "MS:CVE-2020-1971", "MS:CVE-2021-3449"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1519.NASL", "AL2_ALAS-2020-1573.NASL", "AL2_ALAS-2021-1608.NASL", "AL2_ALAS-2021-1612.NASL", "AL2_ALAS-2021-1622.NASL", "AL2_ALAS-2021-1626.NASL", "AL2_ALAS-2021-1687.NASL", "ALA_ALAS-2020-1456.NASL", "ALA_ALAS-2021-1482.NASL", "ALMA_LINUX_ALSA-2020-5476.NASL", "ALMA_LINUX_ALSA-2021-1024.NASL", "ALMA_LINUX_ALSA-2021-4142.NASL", "ALMA_LINUX_ALSA-2021-4198.NASL", "ALMA_LINUX_ALSA-2021-4424.NASL", "CENTOS8_RHSA-2020-4514.NASL", "CENTOS8_RHSA-2020-4670.NASL", "CENTOS8_RHSA-2020-4847.NASL", "CENTOS8_RHSA-2020-5476.NASL", "CENTOS8_RHSA-2021-1024.NASL", "CENTOS8_RHSA-2021-1846.NASL", "CENTOS8_RHSA-2021-4142.NASL", "CENTOS8_RHSA-2021-4198.NASL", "CENTOS8_RHSA-2021-4424.NASL", "CENTOS_RHSA-2020-3936.NASL", "CENTOS_RHSA-2020-5566.NASL", "CENTOS_RHSA-2021-3798.NASL", "DEBIAN_DLA-2492.NASL", "DEBIAN_DLA-2493.NASL", "DEBIAN_DLA-2563.NASL", "DEBIAN_DLA-2565.NASL", "DEBIAN_DLA-2608.NASL", "DEBIAN_DLA-2751.NASL", "DEBIAN_DLA-2952.NASL", "DEBIAN_DSA-4594.NASL", "DEBIAN_DSA-4661.NASL", "DEBIAN_DSA-4693.NASL", "DEBIAN_DSA-4807.NASL", "DEBIAN_DSA-4855.NASL", "DEBIAN_DSA-4875.NASL", "DRUPAL_8_8_6.NASL", "EULEROS_SA-2019-2699.NASL", "EULEROS_SA-2020-1021.NASL", "EULEROS_SA-2020-1063.NASL", "EULEROS_SA-2020-1333.NASL", "EULEROS_SA-2020-1444.NASL", "EULEROS_SA-2020-1538.NASL", "EULEROS_SA-2020-1613.NASL", "EULEROS_SA-2020-1625.NASL", "EULEROS_SA-2020-1629.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1104.NASL", "EULEROS_SA-2021-1160.NASL", "EULEROS_SA-2021-1338.NASL", "EULEROS_SA-2021-1339.NASL", "EULEROS_SA-2021-1376.NASL", "EULEROS_SA-2021-1418.NASL", "EULEROS_SA-2021-1505.NASL", "EULEROS_SA-2021-1549.NASL", "EULEROS_SA-2021-1615.NASL", "EULEROS_SA-2021-1619.NASL", "EULEROS_SA-2021-1637.NASL", "EULEROS_SA-2021-1695.NASL", "EULEROS_SA-2021-1696.NASL", "EULEROS_SA-2021-1721.NASL", "EULEROS_SA-2021-1740.NASL", "EULEROS_SA-2021-1825.NASL", "EULEROS_SA-2021-1826.NASL", "EULEROS_SA-2021-1882.NASL", "EULEROS_SA-2021-1907.NASL", "EULEROS_SA-2021-1908.NASL", "EULEROS_SA-2021-1909.NASL", "EULEROS_SA-2021-1935.NASL", "EULEROS_SA-2021-1956.NASL", "EULEROS_SA-2021-1960.NASL", "EULEROS_SA-2021-1970.NASL", "EULEROS_SA-2021-1985.NASL", "EULEROS_SA-2021-2005.NASL", "EULEROS_SA-2021-2020.NASL", "EULEROS_SA-2021-2032.NASL", "EULEROS_SA-2021-2044.NASL", "EULEROS_SA-2021-2052.NASL", "EULEROS_SA-2021-2063.NASL", "EULEROS_SA-2021-2091.NASL", "EULEROS_SA-2021-2154.NASL", "EULEROS_SA-2021-2225.NASL", "EULEROS_SA-2021-2416.NASL", "EULEROS_SA-2021-2417.NASL", "EULEROS_SA-2021-2418.NASL", "EULEROS_SA-2021-2456.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "EULEROS_SA-2021-2758.NASL", "EULEROS_SA-2021-2785.NASL", "EULEROS_SA-2021-2872.NASL", "EULEROS_SA-2021-2874.NASL", "EULEROS_SA-2022-1059.NASL", "F5_BIGIP_SOL24624116.NASL", "F5_BIGIP_SOL42910051.NASL", "FEDORA_2020-0B32A59B54.NASL", "FEDORA_2020-11BE4B36D4.NASL", "FEDORA_2020-36D2DB5F51.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-D7B29838F6.NASL", "FEDORA_2020-DA2D1EF2D7.NASL", "FEDORA_2020-EF1870065A.NASL", "FEDORA_2020-FBB94073A1.NASL", "FREEBSD_PKG_012809CE83F311EA92AB00163E433440.NASL", "FREEBSD_PKG_08B553ED537A11EBBE6E0022489AD614.NASL", "FREEBSD_PKG_1D56CFC5397011EB929DD4C9EF517024.NASL", "FREEBSD_PKG_1FB13175ED5211EA8B93001B217B3468.NASL", "FREEBSD_PKG_2F3CD69E7DEE11EBB92E0022489AD614.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5A668AB38D8611EBB8D6D4C9EF517024.NASL", "FREEBSD_PKG_96A21236707B11EB96D8D4C9EF517024.NASL", "FREEBSD_PKG_C0C1834C976111EBACFD0022489AD614.NASL", "FREEBSD_PKG_CD2DC126CFE411EA91724C72B94353B5.NASL", "FREEBSD_PKG_D778DDB0233811EAA1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "GENTOO_GLSA-202004-10.NASL", "GENTOO_GLSA-202007-03.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202103-03.NASL", "JIRA_8_15_0_JRASERVER-72052.NASL", "JOOMLA_3919.NASL", "JQUERY_CVE-2020-11022.NASL", "JUNIPER_JSA11025.NASL", "MYSQL_5_6_49.NASL", "MYSQL_5_7_31.NASL", "MYSQL_5_7_33.NASL", "MYSQL_5_7_34.NASL", "MYSQL_8_0_21.NASL", "MYSQL_8_0_23.NASL", "MYSQL_8_0_24.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_21_1240.NASL", "NESSUS_TNS_2021_04.NASL", "NEWSTART_CGSL_NS-SA-2021-0020_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0045_IPA.NASL", "NEWSTART_CGSL_NS-SA-2021-0086_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0104_IPA.NASL", "NEWSTART_CGSL_NS-SA-2021-0158_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0171_IPA.NASL", "NEWSTART_CGSL_NS-SA-2022-0017_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2022-0037_IPA.NASL", "NNM_5_13_0.NASL", "NNM_5_13_1.NASL", "NODEJS_2021_FEB.NASL", "NODEJS_2021_JAN.NASL", "OPENSSL_1_0_2U.NASL", "OPENSSL_1_0_2X.NASL", "OPENSSL_1_0_2Y.NASL", "OPENSSL_1_1_1E_DEV.NASL", "OPENSSL_1_1_1G.NASL", "OPENSSL_1_1_1I.NASL", "OPENSSL_1_1_1J.NASL", "OPENSSL_1_1_1K.NASL", "OPENSUSE-2020-1060.NASL", "OPENSUSE-2020-1888.NASL", "OPENSUSE-2020-2223.NASL", "OPENSUSE-2020-2236.NASL", "OPENSUSE-2020-2245.NASL", "OPENSUSE-2020-2269.NASL", "OPENSUSE-2020-61.NASL", "OPENSUSE-2020-62.NASL", "OPENSUSE-2020-933.NASL", "OPENSUSE-2020-945.NASL", "OPENSUSE-2021-1059.NASL", "OPENSUSE-2021-1061.NASL", "OPENSUSE-2021-1130.NASL", "OPENSUSE-2021-2327.NASL", "OPENSUSE-2021-2353.NASL", "OPENSUSE-2021-2575.NASL", "OPENSUSE-2021-2637.NASL", "OPENSUSE-2021-2795.NASL", "OPENSUSE-2021-357.NASL", "OPENSUSE-2021-372.NASL", "OPENSUSE-2021-427.NASL", "OPENSUSE-2021-430.NASL", "OPENSUSE-2021-476.NASL", "OPENSUSE-2021-64.NASL", "OPENSUSE-2021-65.NASL", "OPENSUSE-2021-82.NASL", "ORACLELINUX_ELSA-2020-4514.NASL", "ORACLELINUX_ELSA-2020-5476.NASL", "ORACLELINUX_ELSA-2020-55661.NASL", "ORACLELINUX_ELSA-2021-0860.NASL", "ORACLELINUX_ELSA-2021-1024.NASL", "ORACLELINUX_ELSA-2021-1846.NASL", "ORACLELINUX_ELSA-2021-3798.NASL", "ORACLELINUX_ELSA-2021-4424.NASL", "ORACLELINUX_ELSA-2021-9121.NASL", "ORACLELINUX_ELSA-2021-9137.NASL", "ORACLELINUX_ELSA-2021-9150.NASL", "ORACLELINUX_ELSA-2021-9151.NASL", "ORACLELINUX_ELSA-2021-9400.NASL", "ORACLELINUX_ELSA-2021-9478.NASL", "ORACLELINUX_ELSA-2021-9528.NASL", "ORACLELINUX_ELSA-2021-9552.NASL", "ORACLELINUX_ELSA-2021-9561.NASL", "ORACLELINUX_ELSA-2022-9177.NASL", "ORACLEVM_OVMSA-2021-0011.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_JUL_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_OCT_2020.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JUL_2020_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_OCT_2020_CPU.NASL", "ORACLE_GOLDENGATE_CPU_OCT_2021.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL", "ORACLE_JDEVELOPER_CPU_OCT_2020.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_JUL_2020.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_23.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_OATS_CPU_JAN_2021.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_OCT_2020.NASL", "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2021.NASL", "PHOTONOS_PHSA-2020-1_0-0264_OPENSSL.NASL", "PHOTONOS_PHSA-2020-1_0-0345_OPENSSL.NASL", "PHOTONOS_PHSA-2020-2_0-0204_NXTGN.NASL", "PHOTONOS_PHSA-2020-2_0-0304_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0048_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0054_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0082_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0175_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0175_OPENSSL.NASL", "PHOTONOS_PHSA-2021-1_0-0366_OPENSSL.NASL", "PHOTONOS_PHSA-2021-2_0-0331_NXTGN.NASL", "PHOTONOS_PHSA-2021-3_0-0210_NXTGN.NASL", "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "PHOTONOS_PHSA-2021-4_0-0007_OPENSSL.NASL", "REDHAT-RHSA-2020-2217.NASL", "REDHAT-RHSA-2020-2362.NASL", "REDHAT-RHSA-2020-3369.NASL", "REDHAT-RHSA-2020-3807.NASL", "REDHAT-RHSA-2020-3936.NASL", "REDHAT-RHSA-2020-4384.NASL", "REDHAT-RHSA-2020-4514.NASL", "REDHAT-RHSA-2020-4670.NASL", "REDHAT-RHSA-2020-4847.NASL", "REDHAT-RHSA-2020-5412.NASL", "REDHAT-RHSA-2020-5422.NASL", "REDHAT-RHSA-2020-5476.NASL", "REDHAT-RHSA-2020-5566.NASL", "REDHAT-RHSA-2020-5588.NASL", "REDHAT-RHSA-2020-5623.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2021-0056.NASL", "REDHAT-RHSA-2021-0486.NASL", "REDHAT-RHSA-2021-0489.NASL", "REDHAT-RHSA-2021-0494.NASL", "REDHAT-RHSA-2021-0860.NASL", "REDHAT-RHSA-2021-1024.NASL", "REDHAT-RHSA-2021-1063.NASL", "REDHAT-RHSA-2021-1131.NASL", "REDHAT-RHSA-2021-1189.NASL", "REDHAT-RHSA-2021-1195.NASL", "REDHAT-RHSA-2021-1199.NASL", "REDHAT-RHSA-2021-1202.NASL", "REDHAT-RHSA-2021-1846.NASL", "REDHAT-RHSA-2021-4142.NASL", "REDHAT-RHSA-2021-4198.NASL", "REDHAT-RHSA-2021-4424.NASL", "REDHAT-RHSA-2021-4614.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_17_0_TNS_2021_06.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08_XSS.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SECURITYCENTER_OPENSSL_1_1_1J_TNS_2021_03.NASL", "SECURITYCENTER_OPENSSL_1_1_1K_TNS_2021_03.NASL", "SLACKWARE_SSA_2019-354-01.NASL", "SL_20201001_IPA_ON_SL7_X.NASL", "SL_20201217_OPENSSL_ON_SL7_X.NASL", "SMB_NT_MS21_NOV_VISUAL_STUDIO.NASL", "SMB_NT_MS21_OCT_VISUAL_STUDIO.NASL", "SUSE_SU-2020-0002-1.NASL", "SUSE_SU-2020-0028-1.NASL", "SUSE_SU-2020-0064-1.NASL", "SUSE_SU-2020-0069-1.NASL", "SUSE_SU-2020-0099-1.NASL", "SUSE_SU-2020-0474-1.NASL", "SUSE_SU-2020-1058-1.NASL", "SUSE_SU-2020-14560-1.NASL", "SUSE_SU-2020-2041-1.NASL", "SUSE_SU-2020-3720-1.NASL", "SUSE_SU-2020-3721-1.NASL", "SUSE_SU-2020-3722-1.NASL", "SUSE_SU-2020-3732-1.NASL", "SUSE_SU-2020-3740-1.NASL", "SUSE_SU-2020-3762-1.NASL", "SUSE_SU-2020-3763-1.NASL", "SUSE_SU-2021-0060-1.NASL", "SUSE_SU-2021-0062-1.NASL", "SUSE_SU-2021-0068-1.NASL", "SUSE_SU-2021-0082-1.NASL", "SUSE_SU-2021-0649-1.NASL", "SUSE_SU-2021-0651-1.NASL", "SUSE_SU-2021-0673-1.NASL", "SUSE_SU-2021-0674-1.NASL", "SUSE_SU-2021-0725-1.NASL", "SUSE_SU-2021-0752-1.NASL", "SUSE_SU-2021-0753-1.NASL", "SUSE_SU-2021-0754-1.NASL", "SUSE_SU-2021-0755-1.NASL", "SUSE_SU-2021-0769-1.NASL", "SUSE_SU-2021-0793-1.NASL", "SUSE_SU-2021-0939-1.NASL", "SUSE_SU-2021-0954-1.NASL", "SUSE_SU-2021-0955-1.NASL", "SUSE_SU-2021-0955-2.NASL", "SUSE_SU-2021-14667-1.NASL", "SUSE_SU-2021-14670-1.NASL", "SUSE_SU-2021-2323-1.NASL", "SUSE_SU-2021-2326-1.NASL", "SUSE_SU-2021-2327-1.NASL", "SUSE_SU-2021-2353-1.NASL", "SUSE_SU-2021-2564-1.NASL", "SUSE_SU-2021-2636-1.NASL", "SUSE_SU-2021-2637-1.NASL", "SUSE_SU-2021-2638-1.NASL", "SUSE_SU-2021-2795-1.NASL", "TENABLE_NESSUS_AGENT_TNS_2020_03.NASL", "TENABLE_NESSUS_AGENT_TNS_2021_04.NASL", "TENABLE_OT_SIEMENS_CVE-2021-3449.NASL", "UBUNTU_USN-4376-1.NASL", "UBUNTU_USN-4504-1.NASL", "UBUNTU_USN-4662-1.NASL", "UBUNTU_USN-4738-1.NASL", "UBUNTU_USN-4891-1.NASL", "UBUNTU_USN-5038-1.NASL", "UBUNTU_USN-5088-1.NASL", "WEB_APPLICATION_SCANNING_112383", "WEB_APPLICATION_SCANNING_112430", "WEB_APPLICATION_SCANNING_112437", "WEB_APPLICATION_SCANNING_112438", "WEB_APPLICATION_SCANNING_112485"]}, {"type": "nodejs", "idList": ["NODEJS:1518"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2019-1551", "OPENSSL:CVE-2020-1967", "OPENSSL:CVE-2020-1971", "OPENSSL:CVE-2021-23840", "OPENSSL:CVE-2021-3449"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108752", "OPENVAS:1361412562310108753", "OPENVAS:1361412562310108764", "OPENVAS:1361412562310108811", "OPENVAS:1361412562310143812", "OPENVAS:1361412562310143813", "OPENVAS:1361412562310144144", "OPENVAS:1361412562310144145", "OPENVAS:1361412562310704594", "OPENVAS:1361412562310704661", "OPENVAS:1361412562310704693", "OPENVAS:1361412562310844450", "OPENVAS:1361412562310853001", "OPENVAS:1361412562310853254", "OPENVAS:1361412562310853258", "OPENVAS:1361412562310877736", "OPENVAS:1361412562310877748", "OPENVAS:1361412562310877816", "OPENVAS:1361412562310877925", "OPENVAS:1361412562310877975", "OPENVAS:1361412562311220192699", "OPENVAS:1361412562311220201021", "OPENVAS:1361412562311220201063", "OPENVAS:1361412562311220201333", "OPENVAS:1361412562311220201444", "OPENVAS:1361412562311220201538", "OPENVAS:1361412562311220201613", "OPENVAS:1361412562311220201625", "OPENVAS:1361412562311220201629"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-3936", "ELSA-2020-4514", "ELSA-2020-4670", "ELSA-2020-4847", "ELSA-2020-5476", "ELSA-2020-5566-1", "ELSA-2021-0860", "ELSA-2021-1024", "ELSA-2021-1846", "ELSA-2021-3798", "ELSA-2021-4424", "ELSA-2021-9121", "ELSA-2021-9137", "ELSA-2021-9150", "ELSA-2021-9151", "ELSA-2021-9400", "ELSA-2021-9478", "ELSA-2021-9528", "ELSA-2021-9552", "ELSA-2021-9561", "ELSA-2022-9177"]}, {"type": "osv", "idList": ["OSV:DLA-2492-1", "OSV:DLA-2493-1", "OSV:DLA-2563-1", "OSV:DLA-2565-1", "OSV:DLA-2608-1", "OSV:DLA-2751-1", "OSV:DLA-2952-1", "OSV:DSA-4594-1", "OSV:DSA-4661-1", "OSV:DSA-4693-1", "OSV:DSA-4807-1", "OSV:DSA-4855-1", "OSV:DSA-4875-1", "OSV:GHSA-83MX-573X-5RW9", "OSV:GHSA-CQCC-MM6X-VMVW", "OSV:GHSA-GXR4-XJJ5-5PX2", "OSV:GHSA-JPCQ-CGW6-V4J6", "OSV:GHSA-JQ65-29V4-4X35", "OSV:GHSA-QGM6-9472-PWQ7", "OSV:GHSA-V73W-R9XG-7CR9", "OSV:RUSTSEC-2020-0015", "OSV:RUSTSEC-2021-0055", "OSV:RUSTSEC-2021-0057"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:162159", "PACKETSTORM:162160"]}, {"type": "photon", "idList": ["PHSA-2020-0048", "PHSA-2020-0054", "PHSA-2020-0082", "PHSA-2020-0175", "PHSA-2020-0203", "PHSA-2020-0204", "PHSA-2020-0233", "PHSA-2020-0264", "PHSA-2020-0345", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0345", "PHSA-2020-2.0-0201", "PHSA-2020-2.0-0204", "PHSA-2020-2.0-0233", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0048", "PHSA-2020-3.0-0054", "PHSA-2020-3.0-0082", "PHSA-2020-3.0-0175", "PHSA-2021-0007", "PHSA-2021-0197", "PHSA-2021-0200", "PHSA-2021-0210", "PHSA-2021-0331", "PHSA-2021-0366", "PHSA-2021-1.0-0366", "PHSA-2021-2.0-0325", "PHSA-2021-2.0-0331", "PHSA-2021-3.0-0200", "PHSA-2021-3.0-0210", "PHSA-2021-4.0-0007"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "redhat", "idList": ["RHSA-2020:2217", "RHSA-2020:2362", "RHSA-2020:2412", "RHSA-2020:2813", "RHSA-2020:3247", "RHSA-2020:3369", "RHSA-2020:3807", "RHSA-2020:3936", "RHSA-2020:4211", "RHSA-2020:4298", "RHSA-2020:4383", "RHSA-2020:4384", "RHSA-2020:4514", "RHSA-2020:4670", "RHSA-2020:4847", "RHSA-2020:5149", "RHSA-2020:5249", "RHSA-2020:5364", "RHSA-2020:5412", "RHSA-2020:5422", "RHSA-2020:5476", "RHSA-2020:5566", "RHSA-2020:5588", "RHSA-2020:5605", "RHSA-2020:5614", "RHSA-2020:5623", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2020:5637", "RHSA-2020:5639", "RHSA-2020:5640", "RHSA-2020:5641", "RHSA-2020:5642", "RHSA-2021:0037", "RHSA-2021:0039", "RHSA-2021:0050", "RHSA-2021:0056", "RHSA-2021:0083", "RHSA-2021:0146", "RHSA-2021:0187", "RHSA-2021:0190", "RHSA-2021:0436", "RHSA-2021:0486", "RHSA-2021:0488", "RHSA-2021:0489", "RHSA-2021:0491", "RHSA-2021:0494", "RHSA-2021:0495", "RHSA-2021:0607", "RHSA-2021:0778", "RHSA-2021:0799", "RHSA-2021:0860", "RHSA-2021:0949", "RHSA-2021:1024", "RHSA-2021:1063", "RHSA-2021:1129", "RHSA-2021:1131", "RHSA-2021:1168", "RHSA-2021:1189", "RHSA-2021:1195", "RHSA-2021:1196", "RHSA-2021:1199", "RHSA-2021:1200", "RHSA-2021:1202", "RHSA-2021:1203", "RHSA-2021:1230", "RHSA-2021:1338", "RHSA-2021:1369", "RHSA-2021:1448", "RHSA-2021:1846", "RHSA-2021:2021", "RHSA-2021:2041", "RHSA-2021:2130", "RHSA-2021:2479", "RHSA-2021:2532", "RHSA-2021:2543", "RHSA-2021:3016", "RHSA-2021:3556", "RHSA-2021:3798", "RHSA-2021:3873", "RHSA-2021:3925", "RHSA-2021:3949", "RHSA-2021:4032", "RHSA-2021:4142", "RHSA-2021:4198", "RHSA-2021:4424", "RHSA-2021:4613", "RHSA-2021:4614", "RHSA-2021:4627", "RHSA-2021:4845", "RHSA-2021:4848", "RHSA-2021:4861", "RHSA-2021:4863", "RHSA-2021:4902", "RHSA-2021:4914", "RHSA-2021:5038", "RHSA-2021:5128", "RHSA-2021:5137", "RHSA-2022:0056"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-1551", "RH:CVE-2020-11022", "RH:CVE-2020-11023", "RH:CVE-2020-1967", "RH:CVE-2020-1971", "RH:CVE-2020-36242", "RH:CVE-2021-23840", "RH:CVE-2021-3449"]}, {"type": "rustsec", "idList": ["RUSTSEC-2020-0015", "RUSTSEC-2021-0055", "RUSTSEC-2021-0057"]}, {"type": "seebug", "idList": ["SSV:99170"]}, {"type": "slackware", "idList": ["SSA-2019-354-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0062-1", "OPENSUSE-SU-2020:0933-1", "OPENSUSE-SU-2020:0945-1", "OPENSUSE-SU-2020:1060-1", "OPENSUSE-SU-2020:1106-1", "OPENSUSE-SU-2020:1888-1", "OPENSUSE-SU-2020:2223-1", "OPENSUSE-SU-2020:2236-1", "OPENSUSE-SU-2020:2245-1", "OPENSUSE-SU-2020:2269-1", "OPENSUSE-SU-2021:0064-1", "OPENSUSE-SU-2021:0065-1", "OPENSUSE-SU-2021:0082-1", "OPENSUSE-SU-2021:0357-1", "OPENSUSE-SU-2021:0372-1", "OPENSUSE-SU-2021:0427-1", "OPENSUSE-SU-2021:0430-1", "OPENSUSE-SU-2021:0476-1", "OPENSUSE-SU-2021:1059-1", "OPENSUSE-SU-2021:1061-1", "OPENSUSE-SU-2021:2327-1", "OPENSUSE-SU-2021:2353-1"]}, {"type": "symantec", "idList": ["SMNTC-111133", "SMNTC-17570", "SMNTC-1768", "SMNTC-17849"]}, {"type": "thn", "idList": ["THN:D65992731CD4A3B443CD2E03761CE18B"]}, {"type": "threatpost", "idList": ["THREATPOST:C408DF21547B7B4327FBAB82B97A4C96"]}, {"type": "typo3", "idList": ["TYPO3-EXT-SA-2020-015"]}, {"type": "ubuntu", "idList": ["USN-4376-1", "USN-4504-1", "USN-4662-1", "USN-4738-1", "USN-4745-1", "USN-4891-1", "USN-5038-1", "USN-5088-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-1551", "UB:CVE-2020-11022", "UB:CVE-2020-11023", "UB:CVE-2020-1967", "UB:CVE-2020-1971", "UB:CVE-2021-23840", "UB:CVE-2021-3449"]}, {"type": "veracode", "idList": ["VERACODE:22144", "VERACODE:25140", "VERACODE:25141", "VERACODE:26076", "VERACODE:28524", "VERACODE:29418", "VERACODE:29835"]}, {"type": "zdt", "idList": ["1337DAY-ID-36102", "1337DAY-ID-36103"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY32.ASC", "OPENSSL_ADVISORY33.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4670", "ALSA-2020:5476", "ALSA-2021:1024", "ALSA-2021:1846"]}, {"type": "amazon", "idList": ["ALAS2-2020-1519", "ALAS2-2021-1622", "ALAS2-2021-1626", "ALAS2-2021-1687"]}, {"type": "archlinux", "idList": ["ASA-202004-18", "ASA-202004-19", "ASA-202103-10"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-72052"]}, {"type": "attackerkb", "idList": ["AKB:93D7F9FF-1F51-45C7-8172-B3E45415E966"]}, {"type": "centos", "idList": ["CESA-2020:3936"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0407", "CPAI-2020-1183"]}, {"type": "checkpoint_security", "idList": ["CPS:SK172983"]}, {"type": "cisco", "idList": ["CISCO-SA-OPENSSL-2021-GHY28DJD"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:431A5FEB07A8E937BEDFD31D7F1BE817", "CFOUNDRY:79AEA0CB72178344BEE07C9B9FEA86F0", "CFOUNDRY:BCFE0333C3F2E89FFDF11615D117C9AF"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134"]}, {"type": "cve", "idList": ["CVE-2019-1551", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1967", "CVE-2021-3449"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2608-1:50303", "DEBIAN:DSA-4594-1:28CBC", "DEBIAN:DSA-4661-1:70270", "DEBIAN:DSA-4693-1:F5786", "DEBIAN:DSA-4875-1:AE1B0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-11022", "DEBIANCVE:CVE-2020-11023"]}, {"type": "exploitdb", "idList": ["EDB-ID:49766", "EDB-ID:49767"]}, {"type": "f5", "idList": ["F5:K01251345", "F5:K02453220", "F5:K24624116", "F5:K42910051", "F5:K43798238", "F5:K66544153"]}, {"type": "fedora", "idList": ["FEDORA:3AEB830B2656", "FEDORA:5F36E6079A0D", "FEDORA:77A873096A19", "FEDORA:822D960BF257", "FEDORA:8514B6312F21", "FEDORA:86D5D3097097", "FEDORA:8C9CB30BDABD", "FEDORA:9BFED31347B3", "FEDORA:B0BBE6085FBF", "FEDORA:C7AFE309727E", "FEDORA:DBF7C3092516", "FEDORA:DC7DF3111B2E", "FEDORA:E700F3072E21"]}, {"type": "freebsd", "idList": ["012809CE-83F3-11EA-92AB-00163E433440", "08B553ED-537A-11EB-BE6E-0022489AD614", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5A668AB3-8D86-11EB-B8D6-D4C9EF517024", "C0C1834C-9761-11EB-ACFD-0022489AD614", "D778DDB0-2338-11EA-A1C7-B499BAEBFEAF", "E8483115-8B8E-11EA-BDCF-001B217B3468"]}, {"type": "gentoo", "idList": ["GLSA-202004-10", "GLSA-202012-13", "GLSA-202103-03"]}, {"type": "github", "idList": ["GHSA-GXR4-XJJ5-5PX2", "GHSA-JPCQ-CGW6-V4J6"]}, {"type": "githubexploit", "idList": ["458891C6-0BE7-5AC1-8119-7DD6B0884A9A", "9D1AE9EC-AAED-5991-9F41-9458ABC7EFC3", "9E63B0B5-5583-5FC0-85B1-048296D9FC6A", "C0148A2C-75C9-5375-AE2F-DBEDCCD0999F", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3"]}, {"type": "hackerone", "idList": ["H1:1113025", "H1:874427"]}, {"type": "hp", "idList": ["HP:C06911998"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200715-01-OPENSSL"]}, {"type": "ibm", "idList": ["023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "156A423D91231641B7B06703B06D394BB31F565A2A6E565DA370AE1DFE2E3F38", "17E2A2234B8EB1A1FD88875B4639DD7977B1A0F62BC6D5F9D6C40BAFB9288E47", "1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "1E31E5192E10CAAECCFE249B0EEB57518F8681EB105FB477D1D108CDEEAD4DD9", "2E99FBB731310229E5D67CCF834D84A3C63F588068BE4D2601929B95EFC9AA89", "30A5CA62F6580AAFA852738DF5325C812D685A3292E94F7A9E759C1125E79A0A", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "3F34AB5AA343AE750DDC18968E6F874BE99938ACC1A401B2E368156C6C827FD8", "40FF55B5795EDDC89506253F7614F64D589E9F985162917C433828167306DB0E", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "4F8D39F3F464E5E9FD3000C317BC69CF4FEEE9F0605C69E62D810607C6BB87CD", "5DC8FB040A584733A88E3C4FB30004B815F71BE1D0193C00019FE31037DC709D", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "6CFD1F4E92DE674FABBF5CB0AB382F8E451BC50559AF2503871032E5B3345584", "8CB93770328F2819DE92FFEB5767258BAD5A547F304198FB72E85CAB4E4E55B4", "8F36292DD2EC673F77E7D26F88D6129155EA165304B1A957E549DC327B6DCB50", "90D59D207E240BE5AC750765C539B8ED7F5604D85518190296B85710EF6190ED", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "ACBA42A9F266755DB30CE35DBA1907FB61B1687AAD3415499AF5573BC67595AA", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4"]}, {"type": "ics", "idList": ["ICSA-22-055-02"]}, {"type": "joomla", "idList": ["JOOMLA-816"]}, {"type": "kaspersky", "idList": ["KLA12311"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ALPINE-LINUX-CVE-2020-1967/", "MSF:ILITIES/DEBIAN-CVE-2020-1967/", "MSF:ILITIES/FREEBSD-CVE-2019-1551/", "MSF:ILITIES/FREEBSD-CVE-2020-1967/", "MSF:ILITIES/GENTOO-LINUX-CVE-2019-1551/", "MSF:ILITIES/GENTOO-LINUX-CVE-2020-1967/", "MSF:ILITIES/HTTP-OPENSSL-CVE-2020-1967/", "MSF:ILITIES/HTTP-OPENSSL-CVE-2020-1971/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-1551/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-1551/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2020-1967/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-1967/", "MSF:ILITIES/JUNIPER-JUNOS-OS-JSA11025/", "MSF:ILITIES/ORACLE-MYSQL-CVE-2020-1967/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2019-1551/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2020-1967/", "MSF:ILITIES/ORACLE_LINUX-CVE-2019-1551/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2019-1551/", "MSF:ILITIES/REDHAT_LINUX-CVE-2019-1551/", "MSF:ILITIES/SUSE-CVE-2020-1967/", "MSF:ILITIES/UBUNTU-CVE-2019-1551/"]}, {"type": "mscve", "idList": ["MS:ADV200007"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1622.NASL", "AL2_ALAS-2021-1626.NASL", "CENTOS8_RHSA-2020-4514.NASL", "CENTOS8_RHSA-2020-4670.NASL", "CENTOS8_RHSA-2020-4847.NASL", "CENTOS8_RHSA-2020-5476.NASL", "CENTOS8_RHSA-2021-1024.NASL", "CENTOS_RHSA-2020-5566.NASL", "DEBIAN_DLA-2608.NASL", "DEBIAN_DSA-4594.NASL", "DEBIAN_DSA-4661.NASL", "DEBIAN_DSA-4693.NASL", "DEBIAN_DSA-4875.NASL", "EULEROS_SA-2019-2699.NASL", "EULEROS_SA-2020-1021.NASL", "EULEROS_SA-2020-1063.NASL", "EULEROS_SA-2020-1333.NASL", "EULEROS_SA-2020-1444.NASL", "EULEROS_SA-2020-1538.NASL", "EULEROS_SA-2020-1613.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1104.NASL", "EULEROS_SA-2021-1160.NASL", "EULEROS_SA-2021-1721.NASL", "EULEROS_SA-2021-1740.NASL", "EULEROS_SA-2021-1825.NASL", "EULEROS_SA-2021-1826.NASL", "EULEROS_SA-2021-1935.NASL", "EULEROS_SA-2021-1956.NASL", "EULEROS_SA-2021-1960.NASL", "EULEROS_SA-2021-1970.NASL", "EULEROS_SA-2021-2456.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "F5_BIGIP_SOL24624116.NASL", "F5_BIGIP_SOL42910051.NASL", "FEDORA_2020-0B32A59B54.NASL", "FEDORA_2020-11BE4B36D4.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-D7B29838F6.NASL", "FEDORA_2020-DA2D1EF2D7.NASL", "FEDORA_2020-FBB94073A1.NASL", "FREEBSD_PKG_012809CE83F311EA92AB00163E433440.NASL", "FREEBSD_PKG_08B553ED537A11EBBE6E0022489AD614.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5A668AB38D8611EBB8D6D4C9EF517024.NASL", "FREEBSD_PKG_C0C1834C976111EBACFD0022489AD614.NASL", "FREEBSD_PKG_D778DDB0233811EAA1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "GENTOO_GLSA-202004-10.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202103-03.NASL", "JQUERY_CVE-2020-11022.NASL", "NEWSTART_CGSL_NS-SA-2021-0104_IPA.NASL", "NEWSTART_CGSL_NS-SA-2021-0158_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0171_IPA.NASL", "NODEJS_2021_JAN.NASL", "OPENSSL_1_0_2U.NASL", "OPENSSL_1_1_1E_DEV.NASL", "OPENSUSE-2020-1888.NASL", "OPENSUSE-2020-2245.NASL", "OPENSUSE-2020-2269.NASL", "OPENSUSE-2020-61.NASL", "OPENSUSE-2020-62.NASL", "OPENSUSE-2021-1059.NASL", "OPENSUSE-2021-1061.NASL", "OPENSUSE-2021-476.NASL", "OPENSUSE-2021-64.NASL", "OPENSUSE-2021-65.NASL", "OPENSUSE-2021-82.NASL", "ORACLELINUX_ELSA-2020-4514.NASL", "ORACLELINUX_ELSA-2021-1024.NASL", "ORACLELINUX_ELSA-2021-3798.NASL", "ORACLELINUX_ELSA-2021-9121.NASL", "ORACLELINUX_ELSA-2021-9137.NASL", "ORACLELINUX_ELSA-2021-9150.NASL", "ORACLELINUX_ELSA-2021-9151.NASL", "ORACLELINUX_ELSA-2021-9400.NASL", "ORACLELINUX_ELSA-2021-9528.NASL", "ORACLEVM_OVMSA-2021-0011.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_JUL_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_OCT_2020_CPU.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL", "ORACLE_JDEVELOPER_CPU_OCT_2020.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_23.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_OATS_CPU_JAN_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_APR_2021.NASL", "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2021.NASL", "PHOTONOS_PHSA-2020-1_0-0264_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0048_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0082_NXTGN.NASL", "PHOTONOS_PHSA-2021-2_0-0331_NXTGN.NASL", "PHOTONOS_PHSA-2021-3_0-0210_NXTGN.NASL", "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "PHOTONOS_PHSA-2021-4_0-0007_OPENSSL.NASL", "REDHAT-RHSA-2020-2217.NASL", "REDHAT-RHSA-2020-2362.NASL", "REDHAT-RHSA-2020-4670.NASL", "REDHAT-RHSA-2020-4847.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2021-1024.NASL", "REDHAT-RHSA-2021-1063.NASL", "REDHAT-RHSA-2021-1131.NASL", "REDHAT-RHSA-2021-1189.NASL", "REDHAT-RHSA-2021-1195.NASL", "REDHAT-RHSA-2021-1199.NASL", "REDHAT-RHSA-2021-1202.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_17_0_TNS_2021_06.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SECURITYCENTER_OPENSSL_1_1_1K_TNS_2021_03.NASL", "SLACKWARE_SSA_2019-354-01.NASL", "SMB_NT_MS21_OCT_VISUAL_STUDIO.NASL", "SUSE_SU-2020-0002-1.NASL", "SUSE_SU-2020-0028-1.NASL", "SUSE_SU-2020-0064-1.NASL", "SUSE_SU-2020-0069-1.NASL", "SUSE_SU-2020-0099-1.NASL", "SUSE_SU-2020-0474-1.NASL", "SUSE_SU-2020-1058-1.NASL", "SUSE_SU-2020-14560-1.NASL", "SUSE_SU-2021-0060-1.NASL", "SUSE_SU-2021-0062-1.NASL", "SUSE_SU-2021-0068-1.NASL", "SUSE_SU-2021-0082-1.NASL", "SUSE_SU-2021-0939-1.NASL", "SUSE_SU-2021-0954-1.NASL", "SUSE_SU-2021-0955-1.NASL", "SUSE_SU-2021-14667-1.NASL", "SUSE_SU-2021-14670-1.NASL", "TENABLE_NESSUS_AGENT_TNS_2020_03.NASL", "UBUNTU_USN-4376-1.NASL", "UBUNTU_USN-4504-1.NASL", "UBUNTU_USN-4891-1.NASL", "WEB_APPLICATION_SCANNING_112383", "WEB_APPLICATION_SCANNING_112430", "WEB_APPLICATION_SCANNING_112437", "WEB_APPLICATION_SCANNING_112438", "WEB_APPLICATION_SCANNING_112485"]}, {"type": "nodejs", "idList": ["NODEJS:1518"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2021-23840"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108752", "OPENVAS:1361412562310108753", "OPENVAS:1361412562310108764", "OPENVAS:1361412562310143812", "OPENVAS:1361412562310143813", "OPENVAS:1361412562310704594", "OPENVAS:1361412562310704661", "OPENVAS:1361412562310704693", "OPENVAS:1361412562310844450", "OPENVAS:1361412562310877736", "OPENVAS:1361412562310877748", "OPENVAS:1361412562310877816", "OPENVAS:1361412562310877925", "OPENVAS:1361412562311220201444", "OPENVAS:1361412562311220201538", "OPENVAS:1361412562311220201613"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-3936", "ELSA-2020-4514", "ELSA-2021-1024", "ELSA-2021-3798", "ELSA-2021-9121", "ELSA-2021-9137", "ELSA-2021-9151", "ELSA-2021-9478", "ELSA-2021-9528"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:162159", "PACKETSTORM:162160"]}, {"type": "photon", "idList": ["PHSA-2020-1.0-0264", "PHSA-2020-1.0-0345", "PHSA-2020-2.0-0201", "PHSA-2020-2.0-0204", "PHSA-2020-2.0-0233", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0048", "PHSA-2020-3.0-0054", "PHSA-2020-3.0-0082", "PHSA-2020-3.0-0175", "PHSA-2021-1.0-0366", "PHSA-2021-2.0-0325", "PHSA-2021-2.0-0331", "PHSA-2021-3.0-0200", "PHSA-2021-3.0-0210", "PHSA-2021-4.0-0007"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "redhat", "idList": ["RHSA-2020:4670", "RHSA-2020:5637", "RHSA-2021:1129", "RHSA-2021:2532"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-1971", "RH:CVE-2020-36242", "RH:CVE-2021-23840", "RH:CVE-2021-3449"]}, {"type": "rustsec", "idList": ["RUSTSEC-2020-0015", "RUSTSEC-2021-0055", "RUSTSEC-2021-0057"]}, {"type": "seebug", "idList": ["SSV:99170"]}, {"type": "slackware", "idList": ["SSA-2019-354-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0062-1", "OPENSUSE-SU-2020:1888-1"]}, {"type": "symantec", "idList": ["SMNTC-1768", "SMNTC-17849"]}, {"type": "thn", "idList": ["THN:D65992731CD4A3B443CD2E03761CE18B"]}, {"type": "threatpost", "idList": ["THREATPOST:C408DF21547B7B4327FBAB82B97A4C96"]}, {"type": "ubuntu", "idList": ["USN-4376-1", "USN-4504-1", "USN-4891-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-3449"]}, {"type": "zdt", "idList": ["1337DAY-ID-36102", "1337DAY-ID-36103"]}]}, "exploitation": null, "vulnersScore": 0.3}, "_state": {"dependencies": 1660032824, "score": 1660033902}, "_internal": {"score_hash": "08edaa722e8a93b110257bb77c6d99ee"}, "pluginID": "150139", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150139);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2020-1967\",\n \"CVE-2020-1971\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2021-3449\",\n \"CVE-2021-23840\"\n );\n\n script_name(english:\"Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A data aggregation application installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tenable Log Correlation Engine (LCE) installed on the remote host is prior to 6.0.9. It is, therefore,\naffected by multiple vulnerabilities:\n\n - Multiple denial of service vulnerabilities in the included OpenSSL component. (CVE-2019-1551, CVE-2020-1967,\n CVE-2020-1971, CVE-2021-3449, CVE-2021-23840)\n\n - Multiple cross site scripting vulnerabilities in the included JQuery component. (CVE-2020-11022, CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable LCE version 6.0.9 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:log_correlation_engine\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"lce_installed.nbin\");\n script_require_keys(\"installed_sw/Log Correlation Engine Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'Log Correlation Engine Server';\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nvar app_info = vcf::get_app_info(app:app);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'max_version' : '6.0.8', 'fixed_version' : '6.0.9' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{xss:TRUE});\n\n", "naslFamily": "Misc.", "cpe": ["cpe:/a:tenable:log_correlation_engine"], "solution": "Upgrade to Tenable LCE version 6.0.9 or later.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2019-1551", "vpr": {"risk factor": "Medium", "score": "6.1"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2021-06-02T00:00:00", "vulnerabilityPublicationDate": "2019-12-06T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2022-01-15T13:45:52", "description": "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is earlier than 5.17.0. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-12-23T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967", "CVE-2020-1971", "CVE-2020-5808", "CVE-2020-11022"], "modified": "2021-02-09T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "href": "https://www.tenable.com/plugins/nessus/144584", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144584);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2020-1967\",\n \"CVE-2020-1971\",\n \"CVE-2020-5808\",\n \"CVE-2020-11022\"\n );\n\n script_name(english:\"Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable SecurityCenter\napplication installed on the remote host is earlier than 5.17.0. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues nor the stand-alone\npatch but has instead relied only on the application's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2020-11\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable SecurityCenter version 5.17.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-5808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\", \"securitycenter_detect.nbin\");\n script_require_ports(\"Host/SecurityCenter/Version\", \"installed_sw/SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nport = get_http_port(default:443, dont_exit:TRUE);\napp_info = vcf::tenable_sc::get_app_info(port:port);\n\nconstraints = [\n {'fixed_version':'5.16.1', 'fixed_display':'5.17.0'}\n];\n\nvcf::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-01T16:30:28", "description": "This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library - jquery OTRS uses jquery version 3.4.1, which is vulnerable to cross-site scripting (XSS).", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : otrs (openSUSE-2020-1888)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-04-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:otrs", "p-cpe:/a:novell:opensuse:otrs-itsm", "cpe:/o:novell:opensuse:15.1", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1888.NASL", "href": "https://www.tenable.com/plugins/nessus/142840", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1888.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142840);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/16\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"openSUSE Security Update : otrs (openSUSE-2020-1888)\");\n script_summary(english:\"Check for the openSUSE-2020-1888 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in\n third-party library - jquery OTRS uses jquery version\n 3.4.1, which is vulnerable to cross-site scripting\n (XSS).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178434\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected otrs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs-itsm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-itsm-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-6.0.30-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-itsm-6.0.30-lp152.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"otrs / otrs-itsm\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-14T16:19:34", "description": "According to its self-reported version number, jQuery is at least 1.2.0 and prior to 3.5.0. Therefore, it may be affected by a cross-site scripting vulnerability via the regex operation in jQuery.htmlPrefilter.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-14T00:00:00", "type": "nessus", "title": "jQuery 1.2.0 < 3.5.0 Cross-Site Scripting", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112383", "href": "https://www.tenable.com/plugins/was/112383", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T13:52:53", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9177 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : jquery-ui (ELSA-2022-9177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-03-02T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:jquery-ui"], "id": "ORACLELINUX_ELSA-2022-9177.NASL", "href": "https://www.tenable.com/plugins/nessus/158471", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9177.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158471);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/02\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVA\", value:\"2021-A-0032\");\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0196\");\n script_xref(name:\"IAVA\", value:\"2021-A-0480\");\n script_xref(name:\"IAVA\", value:\"2020-A-0481\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n script_xref(name:\"IAVA\", value:\"2021-A-0194-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"Oracle Linux 7 : jquery-ui (ELSA-2022-9177)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-9177 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources -\n even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option>\n elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods\n (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9177.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jquery-ui package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jquery-ui\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'jquery-ui-1.10.4.custom-4.0.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jquery-ui');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T13:59:40", "description": "The version of Atlassian Jira installed on the remote host is prior to 8.0.x < 8.15.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72052 advisory.\n\n - Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023 (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-07-06T00:00:00", "type": "nessus", "title": "Atlassian Jira 8.0.x < 8.15.0 (JRASERVER-72052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-07-07T00:00:00", "cpe": ["cpe:/a:atlassian:jira"], "id": "JIRA_8_15_0_JRASERVER-72052.NASL", "href": "https://www.tenable.com/plugins/nessus/162747", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162747);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/07\");\n\n script_cve_id(\"CVE-2020-11022\");\n\n script_name(english:\"Atlassian Jira 8.0.x < 8.15.0 (JRASERVER-72052)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Atlassian Jira host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Atlassian Jira installed on the remote host is prior to 8.0.x < 8.15.0. It is, therefore, affected by a\nvulnerability as referenced in the JRASERVER-72052 advisory.\n\n - Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023 (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.atlassian.com/browse/JRASERVER-72052\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Atlassian Jira version 8.15.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:atlassian:jira\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jira_detect.nasl\", \"atlassian_jira_win_installed.nbin\", \"atlassian_jira_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Atlassian JIRA\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nvar app_info = vcf::combined_get_app_info(app:'Atlassian JIRA');\n\nvar constraints = [\n { 'min_version' : '8.0.0', 'fixed_version' : '8.15.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:49:12", "description": "Two vulnerabilities have been discovered in jquery's handling of untrusted HTML which may result in execution of untrusted code.\n\nFor Debian 9 stretch, these problems have been fixed in version 3.1.1-2+deb9u2.\n\nWe recommend that you upgrade your jquery packages.\n\nFor the detailed security status of jquery please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/jquery\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-2608-1 : jquery security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-04-16T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjs-jquery", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2608.NASL", "href": "https://www.tenable.com/plugins/nessus/148146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2608-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148146);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/16\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"Debian DLA-2608-1 : jquery security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two vulnerabilities have been discovered in jquery's handling of\nuntrusted HTML which may result in execution of untrusted code.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.1.1-2+deb9u2.\n\nWe recommend that you upgrade your jquery packages.\n\nFor the detailed security status of jquery please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/jquery\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jquery\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/jquery\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected libjs-jquery package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjs-jquery\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjs-jquery\", reference:\"3.1.1-2+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:19:44", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple vulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-21T00:00:00", "type": "nessus", "title": "Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_8_8_6.NASL", "href": "https://www.tenable.com/plugins/nessus/136745", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136745);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70,\n7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple\nvulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and\n before 3.5.0, passing HTML from untrusted sources - even\n after sanitizing it - to one of jQuery's DOM\n manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is\n patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and\n before 3.5.0, passing HTML containing elements\n from untrusted sources - even after sanitizing it - to\n one of jQuery's DOM manipulation methods (i.e. .html(),\n .append(), and others) may execute untrusted code. This\n problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.70\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-002\");\n # https://blog.jquery.com/2020/05/04/jquery-3-5-1-released-fixing-a-regression/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f249edf4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://en.wikipedia.org/wiki/Software_regression\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?07eeffa7\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc025732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://html.spec.whatwg.org/multipage/custom-elements.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jquery.com/upgrade-guide/3.5/#description-of-the-change\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.7.14\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.8.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/issues/drupal\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/jquery_update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/security-team/report-issue\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.70 / 7.70 / 8.7.14 / 8.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:'Drupal', port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '7.0', 'fixed_version' : '7.70' },\n { 'min_version' : '8.7', 'fixed_version' : '8.7.14' },\n { 'min_version' : '8.8', 'fixed_version' : '8.8.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:21:27", "description": "- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n - [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0 02) / [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20 20-11022) / [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "Fedora 32 : drupal8 (2020-36d2db5f51)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-04-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal8", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-36D2DB5F51.NASL", "href": "https://www.tenable.com/plugins/nessus/137423", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-36d2db5f51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137423);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/16\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"FEDORA\", value:\"2020-36d2db5f51\");\n\n script_name(english:\"Fedora 32 : drupal8 (2020-36d2db5f51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n -\n [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0\n 02) /\n [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11022) /\n [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-36d2db5f51\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/project/drupal/releases/8.8.5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"drupal8-8.9.0-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:45:23", "description": "Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-01-21T00:00:00", "type": "nessus", "title": "Oracle WebCenter Sites (Jan 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:webcenter_sites"], "id": "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/145244", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145244);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"Oracle WebCenter Sites (Jan 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported \nversion\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2021.html#AppendixFMW\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujan2021cvrf.xml\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:webcenter_sites\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_webcenter_sites_installed.nbin\", \"oracle_enum_products_win.nbin\");\n script_require_keys(\"SMB/WebCenter_Sites/Installed\");\n\n exit(0);\n}\ninclude('vcf_extras_oracle_webcenter_sites.inc');\n\nvar app_info = vcf::oracle_webcenter_sites::get_app_info();\n\nvar constraints = [\n {'min_version' : '12.2.1.3', 'fixed_version' : '12.2.1.3.210119', 'fixed_revision' : '186084'},\n {'min_version' : '12.2.1.4', 'fixed_version' : '12.2.1.4.210119', 'fixed_revision' : '186094'}\n];\n\nvcf::oracle_webcenter_sites::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:49:12", "description": "The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 5.13.0. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-03-12T00:00:00", "type": "nessus", "title": "Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-04-15T00:00:00", "cpe": ["cpe:/a:tenable:nnm"], "id": "NNM_5_13_0.NASL", "href": "https://www.tenable.com/plugins/nessus/147729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147729);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A vulnerability scanner installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Nessus Network Monitor (NNM) installed\non the remote host is prior to 5.13.0. It is, therefore, affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-02\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/products/nessus/nessus-network-monitor\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Nessus Network Monitor version 5.13.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nnm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nnm_installed_win.nbin\", \"nnm_installed_nix.nbin\");\n script_require_keys(\"installed_sw/Tenable NNM\", \"Host/nnm_installed\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_name = 'Tenable NNM';\n\napp_info = vcf::get_app_info(app:app_name);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'fixed_version' : '5.13.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:19:44", "description": "According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios required for successful exploitation do not exist on devices running a PAN-OS release.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-28T00:00:00", "type": "nessus", "title": "JQuery 1.2 < 3.5.0 Multiple XSS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-09-09T00:00:00", "cpe": [], "id": "JQUERY_CVE-2020-11022.NASL", "href": "https://www.tenable.com/plugins/nessus/136929", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136929);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/09\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"JQuery 1.2 < 3.5.0 Multiple XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple cross site scripting\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater\nthan or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios \nrequired for successful exploitation do not exist on devices running a PAN-OS release.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.paloaltonetworks.com/PAN-SA-2020-0007\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JQuery version 3.5.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jquery_detect.nasl\", \"palo_alto_version.nbin\", \"cisco_wlc_version.nasl\", \"cisco_apic_version.nbin\");\n script_require_keys(\"installed_sw/jquery\");\n script_exclude_keys(\"Host/Palo_Alto/Firewall/Version\", \"Host/Cisco/WLC/Version\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (get_kb_item('Host/Palo_Alto/Firewall/Version'))\n exit(0, 'The remote host is PAN-OS, and therefore not affected.');\n\nif (get_kb_item('Host/Cisco/WLC/Version'))\n exit(0, 'The remote host is a Cisco WLC, and therefore not affected.');\n\nvar appname = 'jquery';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\nvar jport = get_http_port(default:8081);\n\nif (get_install_count(app_name:'Cisco APIC Software') > 0)\n{\n var installs = get_installs(app_name:'Cisco APIC Software', port:jport);\n var length = 0;\n if (!isnull(installs)) length = length(installs[1]);\n\n if (length > 0)\n {\n exit(0, 'The remote host is a Cisco APIC, and therefore not affected.');\n }\n}\n\nvar app_info = vcf::get_app_info(app:appname, port:jport, webapp:TRUE);\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [{'min_version':'1.2','fixed_version':'3.5.0'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING,flags:{xss:TRUE});\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-16T15:30:36", "description": "The remote host is affected by the vulnerability described in GLSA-202004-10 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could perform a malicious crafted TLS 1.3 handshake against an application using OpenSSL, possibly resulting in a Denial of Service condition.\n In addition, it’s feasible that an attacker might attack DH512.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "GLSA-202004-10 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202004-10.NASL", "href": "https://www.tenable.com/plugins/nessus/135946", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202004-10.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135946);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"GLSA\", value:\"202004-10\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"GLSA-202004-10 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202004-10\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could perform a malicious crafted TLS 1.3 handshake\n against an application using OpenSSL, possibly resulting in a Denial of\n Service condition.\n In addition, it’s feasible that an attacker might attack DH512.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202004-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.1.1g'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.1.1g\"), vulnerable:make_list(\"lt 1.1.1g\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:35:12", "description": "Update to version 1.1.1g from upstream fixing possible remote DoS security issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-05-11T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:openssl (2020-d7b29838f6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-D7B29838F6.NASL", "href": "https://www.tenable.com/plugins/nessus/136439", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-d7b29838f6.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136439);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"FEDORA\", value:\"2020-d7b29838f6\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Fedora 31 : 1:openssl (2020-d7b29838f6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 1.1.1g from upstream fixing possible remote DoS\nsecurity issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7b29838f6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"openssl-1.1.1g-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:32:32", "description": "Update to version 1.1.1g from upstream fixing possible remote DoS security issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "Fedora 30 : 1:openssl (2020-da2d1ef2d7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-DA2D1EF2D7.NASL", "href": "https://www.tenable.com/plugins/nessus/136155", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-da2d1ef2d7.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136155);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"FEDORA\", value:\"2020-da2d1ef2d7\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Fedora 30 : 1:openssl (2020-da2d1ef2d7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 1.1.1g from upstream fixing possible remote DoS\nsecurity issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-da2d1ef2d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"openssl-1.1.1g-1.fc30\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:37:43", "description": "According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 4.0.x prior to 4.0.13.5349 or 8.0.x prior to 8.0.21.1240. It is, therefore, affected by multiple vulnerabilities:\n - A buffer overflow condition exists in the Montgomery squaring procedure due to unsufficient validation of user-supplied input. An unauthenticated, remote attacker can exploit this, to cause a denial of service condition or the execution of arbitrary code. (CVE-2019-1551).\n\n - A denial of service (DoS) vulnerability exists in the SSL_check_chain() function due to a NULL pointer dereference. An unauthenticated, remote attacker can exploit this issue, to cause the application to stop responding (CVE-2020-1967).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-07-17T00:00:00", "type": "nessus", "title": "MySQL Enterprise Monitor 4.0.x < 4.0.13.5349 / 8.0.x < 8.0.21.1240 (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-08-14T00:00:00", "cpe": ["cpe:/a:oracle:mysql_enterprise_monitor"], "id": "MYSQL_ENTERPRISE_MONITOR_8_0_21_1240.NASL", "href": "https://www.tenable.com/plugins/nessus/138568", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138568);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/14\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n\n script_name(english:\"MySQL Enterprise Monitor 4.0.x < 4.0.13.5349 / 8.0.x < 8.0.21.1240 (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application running on the remote host is affected by a multiple vulnerabilties\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is \n4.0.x prior to 4.0.13.5349 or 8.0.x prior to 8.0.21.1240. It is, therefore, affected by multiple vulnerabilities:\n - A buffer overflow condition exists in the Montgomery squaring procedure due to unsufficient validation\n of user-supplied input. An unauthenticated, remote attacker can exploit this, to cause a denial of service\n condition or the execution of arbitrary code. (CVE-2019-1551).\n\n - A denial of service (DoS) vulnerability exists in the SSL_check_chain() function due to a NULL pointer\n dereference. An unauthenticated, remote attacker can exploit this issue, to cause the application \n to stop responding (CVE-2020-1967).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d433c246\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Enterprise Monitor version 4.0.13.5349 / 8.0.21.1240 or later as referenced in the July Oracle CPU\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_enterprise_monitor\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_enterprise_monitor_web_detect.nasl\");\n script_require_keys(\"installed_sw/MySQL Enterprise Monitor\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 18443);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_http_port(default:18443);\napp_info = vcf::get_app_info(app:'MySQL Enterprise Monitor', port:port, webapp:true);\n\nconstraints = [\n { 'min_version' : '4.0', 'fixed_version' : '4.0.13.5349' },\n { 'min_version' : '8.0', 'fixed_version' : '8.0.21.1240' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:35:47", "description": "Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain a multiple vulnerabilities, and updated versions have been made available by the providers.\n\nOut of caution and in line with good practice, Tenable opted to upgrade the bundled library to address the potential impact of these issues in Nessus Agent. Nessus Agent 7.6.3 updates OpenSSL to version 1.1.1g to address the identified vulnerabilities.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-06-24T00:00:00", "type": "nessus", "title": "Tenable Nessus Agent < 7.6.3 Third Party Vulnerability (OpenSSL) (TNS-2020-03)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:tenable:nessus", "cpe:/a:tenable:nessus_agent"], "id": "TENABLE_NESSUS_AGENT_TNS_2020_03.NASL", "href": "https://www.tenable.com/plugins/nessus/137757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137757);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n\n script_name(english:\"Tenable Nessus Agent < 7.6.3 Third Party Vulnerability (OpenSSL) (TNS-2020-03)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An instance of Nessus Agent installed on the remote system is affected by a third party vulnerability\nin OpenSSL\");\n script_set_attribute(attribute:\"description\", value:\n\"Nessus Agent leverages third-party software to help provide underlying functionality. \nOne of the third-party components (OpenSSL) was found to contain a multiple vulnerabilities, \nand updated versions have been made available by the providers.\n\nOut of caution and in line with good practice, Tenable opted to upgrade the bundled library \nto address the potential impact of these issues in Nessus Agent. Nessus Agent 7.6.3 updates \nOpenSSL to version 1.1.1g to address the identified vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2020-03\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable Nessus Agent version 7.6.3 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus_agent\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_nessus_agent_installed_win.nbin\", \"nessus_agent_installed_macos.nbin\", \"nessus_agent_installed_linux.nbin\");\n script_require_keys(\"installed_sw/Tenable Nessus Agent\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Tenable Nessus Agent');\n\nconstraints = [\n {'fixed_version' : '7.6.3' },\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-07T01:30:21", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the '-crl_download' option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - A NULL pointer dereference flaw was found in the way OpenSSL handled certain TLS handshake messages. This flaw allows an unauthenticated attacker to cause a server application compiled with OpenSSL to crash, causing a denial of service. In some cases a malicious server could also cause a client compiled with OpenSSL to crash.(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1619)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2020-1971"], "modified": "2021-04-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1619.NASL", "href": "https://www.tenable.com/plugins/nessus/147537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147537);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/20\");\n\n script_cve_id(\n \"CVE-2020-1967\",\n \"CVE-2020-1971\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1619)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for\n representing different types of names. One of those\n name types is known as EDIPartyName. OpenSSL provides a\n function GENERAL_NAME_cmp which compares different\n instances of a GENERAL_NAME to see if they are equal or\n not. This function behaves incorrectly when both\n GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer\n dereference and a crash may occur leading to a possible\n denial of service attack. OpenSSL itself uses the\n GENERAL_NAME_cmp function for two purposes: 1)\n Comparing CRL distribution point names between an\n available CRL and a CRL distribution point embedded in\n an X509 certificate 2) When verifying that a timestamp\n response token signer matches the timestamp authority\n name (exposed via the API functions\n TS_RESP_verify_response and TS_RESP_verify_token) If an\n attacker can control both items being compared then\n that attacker could trigger a crash. For example if the\n attacker can trick a client or server into checking a\n malicious certificate against a malicious CRL then this\n may occur. Note that some applications automatically\n download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the\n certificate and CRL being verified. OpenSSL's s_server,\n s_client and verify tools have support for the\n '-crl_download' option which implements automatic CRL\n downloading and this attack has been demonstrated to\n work against those tools. Note that an unrelated bug\n means that affected versions of OpenSSL cannot parse or\n construct correct encodings of EDIPARTYNAME. However it\n is possible to construct a malformed EDIPARTYNAME that\n OpenSSL's parser will accept and hence trigger this\n attack. All OpenSSL 1.1.1 and 1.0.2 versions are\n affected by this issue. Other OpenSSL releases are out\n of support and have not been checked. Fixed in OpenSSL\n 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x\n (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - A NULL pointer dereference flaw was found in the way\n OpenSSL handled certain TLS handshake messages. This\n flaw allows an unauthenticated attacker to cause a\n server application compiled with OpenSSL to crash,\n causing a denial of service. In some cases a malicious\n server could also cause a client compiled with OpenSSL\n to crash.(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1619\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fb5f0f8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h10.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h10.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-07T01:29:41", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t). (CVE-2019-1551)\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified.\n OpenSSL's s_server, s_client and verify tools have support for the -crl_download option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue.\n Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). (CVE-2020-1971)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1971"], "modified": "2021-03-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0086_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/147241", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0086. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147241);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1971\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple\nvulnerabilities:\n\n - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit\n moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime\n RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed\n likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have\n to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low\n level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected\n 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t). (CVE-2019-1551)\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name\n types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different\n instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both\n GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a\n possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1)\n Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in\n an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp\n authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an\n attacker can control both items being compared then that attacker could trigger a crash. For example if\n the attacker can trick a client or server into checking a malicious certificate against a malicious CRL\n then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a\n certificate. This checking happens prior to the signatures on the certificate and CRL being verified.\n OpenSSL's s_server, s_client and verify tools have support for the -crl_download option which implements\n automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an\n unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of\n EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will\n accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue.\n Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected\n 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). (CVE-2020-1971)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0086\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL MAIN 6.02': [\n 'openssl-1.1.1g-12.el8_3',\n 'openssl-debuginfo-1.1.1g-12.el8_3',\n 'openssl-debugsource-1.1.1g-12.el8_3',\n 'openssl-devel-1.1.1g-12.el8_3',\n 'openssl-libs-1.1.1g-12.el8_3',\n 'openssl-libs-debuginfo-1.1.1g-12.el8_3',\n 'openssl-perl-1.1.1g-12.el8_3',\n 'openssl-static-1.1.1g-12.el8_3'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-30T13:04:38", "description": "The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 5.13.1. It is, therefore, affected by multiple vulnerabilities:\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the -crl_download option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). (CVE-2020-1971) \n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. (CVE-2021-23841)\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. (CVE-2021-23840) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-05-12T00:00:00", "type": "nessus", "title": "Nessus Network Monitor < 5.13.1 Multiple Vulnerabilities (TNS-2021-09)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1971", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-05-13T00:00:00", "cpe": ["cpe:/a:tenable:nnm"], "id": "NNM_5_13_1.NASL", "href": "https://www.tenable.com/plugins/nessus/149403", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149403);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/13\");\n\n script_cve_id(\n \"CVE-2020-1971\",\n \"CVE-2021-3449\",\n \"CVE-2021-3450\",\n \"CVE-2021-23840\",\n \"CVE-2021-23841\"\n );\n\n script_name(english:\"Nessus Network Monitor < 5.13.1 Multiple Vulnerabilities (TNS-2021-09)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A vulnerability scanner installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 5.13.1. It is, therefore, affected\nby multiple vulnerabilities:\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those \n name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different\n instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both \n GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a \n possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: \n 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded \n in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp \n authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an \n attacker can control both items being compared then that attacker could trigger a crash. For example if\n the attacker can trick a client or server into checking a malicious certificate against a malicious CRL \n then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a\n certificate. This checking happens prior to the signatures on the certificate and CRL being verified. \n OpenSSL's s_server, s_client and verify tools have support for the -crl_download option which implements \n automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that \n an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of \n EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will \n accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. \n Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i \n (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). (CVE-2020-1971)\n \n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value\n based on the issuer and serial number data contained within an X509 certificate. However it fails to \n correctly handle any errors that may occur while parsing the issuer field (which might occur if the \n issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a \n crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is \n never directly called by OpenSSL itself so applications are only vulnerable if they use this function \n directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL \n versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL \n 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of \n support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade\n to 1.0.2y. Other users should upgrade to 1.1.1j. (CVE-2021-23841)\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length \n argument in some cases where the input length is close to the maximum permissable length for an integer\n on the platform. In such cases the return value from the function call will be 1 (indicating success), \n but the output length value will be negative. This could cause applications to behave incorrectly or \n crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should \n upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL\n 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL \n 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. (CVE-2021-23840)\n \n Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported \n version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-09\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Nessus Network Monitor version 5.13.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3450\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nnm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nnm_installed_win.nbin\", \"nnm_installed_nix.nbin\");\n script_require_keys(\"installed_sw/Tenable NNM\", \"Host/nnm_installed\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_name = 'Tenable NNM';\n\nvar app_info = vcf::get_app_info(app:app_name);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'fixed_version' : '5.13.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-08-07T14:52:52", "description": "The remote host is affected by the vulnerability described in GLSA-202007-03 (Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-03 : Cacti: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-14295"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:cacti", "p-cpe:/a:gentoo:linux:cacti-spine", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202007-03.NASL", "href": "https://www.tenable.com/plugins/nessus/138926", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-03.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138926);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-14295\");\n script_xref(name:\"GLSA\", value:\"202007-03\");\n\n script_name(english:\"GLSA-202007-03 : Cacti: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-03\n(Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Cacti users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-1.2.13'\n All Cacti Spine users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-spine-1.2.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/cacti\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\nif (qpkg_check(package:\"net-analyzer/cacti-spine\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cacti\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-14T16:20:58", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 7.x < 7.70 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112438", "href": "https://www.tenable.com/plugins/was/112438", "sourceData": "No source data", "cvss": {"score": 5.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-14T16:20:55", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 8.8.x < 8.8.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112430", "href": "https://www.tenable.com/plugins/was/112430", "sourceData": "No source data", "cvss": {"score": 5.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-14T16:20:59", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 8.7.x < 8.7.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112437", "href": "https://www.tenable.com/plugins/was/112437", "sourceData": "No source data", "cvss": {"score": 5.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-08-08T14:20:07", "description": "Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-28T00:00:00", "type": "nessus", "title": "Debian DSA-4693-1 : drupal7 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2021-05-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4693.NASL", "href": "https://www.tenable.com/plugins/nessus/136932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4693. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136932);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/17\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\");\n script_xref(name:\"DSA\", value:\"4693\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"Debian DSA-4693-1 : drupal7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect\nor cross-site scripting.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4693\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the drupal7 packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 7.52-2+deb9u10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13662\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"drupal7\", reference:\"7.52-2+deb9u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-16T14:58:49", "description": "According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.(CVE-2021-23840)\n\n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.(CVE-2021-23841)\n\n - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.(CVE-2019-1551)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : openssl (EulerOS-SA-2021-1825)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-05-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1825.NASL", "href": "https://www.tenable.com/plugins/nessus/149201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149201);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/04\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2021-23840\",\n \"CVE-2021-23841\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : openssl (EulerOS-SA-2021-1825)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and\n EVP_DecryptUpdate may overflow the output length\n argument in some cases where the input length is close\n to the maximum permissable length for an integer on the\n platform. In such cases the return value from the\n function call will be 1 (indicating success), but the\n output length value will be negative. This could cause\n applications to behave incorrectly or\n crash.(CVE-2021-23840)\n\n - The OpenSSL public API function\n X509_issuer_and_serial_hash() attempts to create a\n unique hash value based on the issuer and serial number\n data contained within an X509 certificate. However it\n fails to correctly handle any errors that may occur\n while parsing the issuer field (which might occur if\n the issuer field is maliciously constructed). This may\n subsequently result in a NULL pointer deref and a crash\n leading to a potential denial of service attack. The\n function X509_issuer_and_serial_hash() is never\n directly called by OpenSSL itself so applications are\n only vulnerable if they use this function directly and\n they use it on certificates that may have been obtained\n from untrusted sources.(CVE-2021-23841)\n\n - There is an overflow bug in the x64_64 Montgomery\n squaring procedure used in exponentiation with 512-bit\n moduli. No EC algorithms are affected. Analysis\n suggests that attacks against 2-prime RSA1024, 3-prime\n RSA1536, and DSA1024 as a result of this defect would\n be very difficult to perform and are not believed\n likely. Attacks against DH512 are considered just\n feasible. However, for an attack the target would have\n to re-use the DH512 private key, which is not\n recommended anyway. Also applications directly using\n the low level API BN_mod_exp may be affected if they\n use BN_FLG_CONSTTIME.(CVE-2019-1551)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1825\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8f9e1c94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h16\",\n \"openssl-devel-1.0.2k-16.h16\",\n \"openssl-libs-1.0.2k-16.h16\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-12T14:45:46", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring procedure, an integer overflow in CipherUpdate and a NULL pointer dereference flaw X509_issuer_and_serial_hash() were found, which could result in denial of service.\n\nAdditional details can be found in the upstream advisories https://www.openssl.org/news/secadv/20191206.txt and https://www.openssl.org/news/secadv/20210216.txt.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2021-02-19T00:00:00", "type": "nessus", "title": "Debian DSA-4855-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-02-23T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:openssl:*:*:*:*:*:*:*"], "id": "DEBIAN_DSA-4855.NASL", "href": "https://www.tenable.com/plugins/nessus/146599", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4855. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146599);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/23\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2021-23840\", \"CVE-2021-23841\");\n script_xref(name:\"DSA\", value:\"4855\");\n\n script_name(english:\"Debian DSA-4855-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple vulnerabilities have been discovered in OpenSSL, a Secure\nSockets Layer toolkit. An overflow bug in the x64_64 Montgomery\nsquaring procedure, an integer overflow in CipherUpdate and a NULL\npointer dereference flaw X509_issuer_and_serial_hash() were found,\nwhich could result in denial of service.\n\nAdditional details can be found in the upstream advisories\nhttps://www.openssl.org/news/secadv/20191206.txt and\nhttps://www.openssl.org/news/secadv/20210216.txt.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20191206.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20210216.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4855\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1.1.1d-0+deb10u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.1d-0+deb10u5\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-dev\", reference:\"1.1.1d-0+deb10u5\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-doc\", reference:\"1.1.1d-0+deb10u5\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1\", reference:\"1.1.1d-0+deb10u5\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.1d-0+deb10u5\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"openssl\", reference:\"1.1.1d-0+deb10u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-05T23:54:17", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the '-crl_download' option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue.\n Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y.\n Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).(CVE-2021-23840)\n\n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue.\n However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).(CVE-2021-23841)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2021-2154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1971", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-07-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2021-2154.NASL", "href": "https://www.tenable.com/plugins/nessus/151385", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151385);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/08\");\n\n script_cve_id(\n \"CVE-2020-1971\",\n \"CVE-2021-23840\",\n \"CVE-2021-23841\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2021-2154)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for\n representing different types of names. One of those\n name types is known as EDIPartyName. OpenSSL provides a\n function GENERAL_NAME_cmp which compares different\n instances of a GENERAL_NAME to see if they are equal or\n not. This function behaves incorrectly when both\n GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer\n dereference and a crash may occur leading to a possible\n denial of service attack. OpenSSL itself uses the\n GENERAL_NAME_cmp function for two purposes: 1)\n Comparing CRL distribution point names between an\n available CRL and a CRL distribution point embedded in\n an X509 certificate 2) When verifying that a timestamp\n response token signer matches the timestamp authority\n name (exposed via the API functions\n TS_RESP_verify_response and TS_RESP_verify_token) If an\n attacker can control both items being compared then\n that attacker could trigger a crash. For example if the\n attacker can trick a client or server into checking a\n malicious certificate against a malicious CRL then this\n may occur. Note that some applications automatically\n download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the\n certificate and CRL being verified. OpenSSL's s_server,\n s_client and verify tools have support for the\n '-crl_download' option which implements automatic CRL\n downloading and this attack has been demonstrated to\n work against those tools. Note that an unrelated bug\n means that affected versions of OpenSSL cannot parse or\n construct correct encodings of EDIPARTYNAME. However it\n is possible to construct a malformed EDIPARTYNAME that\n OpenSSL's parser will accept and hence trigger this\n attack. All OpenSSL 1.1.1 and 1.0.2 versions are\n affected by this issue. Other OpenSSL releases are out\n of support and have not been checked. Fixed in OpenSSL\n 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x\n (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and\n EVP_DecryptUpdate may overflow the output length\n argument in some cases where the input length is close\n to the maximum permissable length for an integer on the\n platform. In such cases the return value from the\n function call will be 1 (indicating success), but the\n output length value will be negative. This could cause\n applications to behave incorrectly or crash. OpenSSL\n versions 1.1.1i and below are affected by this issue.\n Users of these versions should upgrade to OpenSSL\n 1.1.1j. OpenSSL versions 1.0.2x and below are affected\n by this issue. However OpenSSL 1.0.2 is out of support\n and no longer receiving public updates. Premium support\n customers of OpenSSL 1.0.2 should upgrade to 1.0.2y.\n Other users should upgrade to 1.1.1j. Fixed in OpenSSL\n 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y\n (Affected 1.0.2-1.0.2x).(CVE-2021-23840)\n\n - The OpenSSL public API function\n X509_issuer_and_serial_hash() attempts to create a\n unique hash value based on the issuer and serial number\n data contained within an X509 certificate. However it\n fails to correctly handle any errors that may occur\n while parsing the issuer field (which might occur if\n the issuer field is maliciously constructed). This may\n subsequently result in a NULL pointer deref and a crash\n leading to a potential denial of service attack. The\n function X509_issuer_and_serial_hash() is never\n directly called by OpenSSL itself so applications are\n only vulnerable if they use this function directly and\n they use it on certificates that may have been obtained\n from untrusted sources. OpenSSL versions 1.1.1i and\n below are affected by this issue. Users of these\n versions should upgrade to OpenSSL 1.1.1j. OpenSSL\n versions 1.0.2x and below are affected by this issue.\n However OpenSSL 1.0.2 is out of support and no longer\n receiving public updates. Premium support customers of\n OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users\n should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j\n (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y\n (Affected 1.0.2-1.0.2x).(CVE-2021-23841)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2154\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1214fa9a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h13.eulerosv2r7\",\n \"openssl-libs-1.0.2k-16.h13.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-07T14:52:19", "description": "Cacti developers reports :\n\nMultiple fixes for bundled jQuery to prevent code exec (CVE-2020-11022, CVE-2020-11023).\n\nPHPMail contains a escaping bug (CVE-2020-13625).\n\nSQL Injection via color.php in Cacti (CVE-2020-14295).", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:cacti", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_CD2DC126CFE411EA91724C72B94353B5.NASL", "href": "https://www.tenable.com/plugins/nessus/139112", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139112);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13625\",\n \"CVE-2020-14295\"\n );\n\n script_name(english:\"FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Cacti developers reports :\n\nMultiple fixes for bundled jQuery to prevent code exec\n(CVE-2020-11022, CVE-2020-11023).\n\nPHPMail contains a escaping bug (CVE-2020-13625).\n\nSQL Injection via color.php in Cacti (CVE-2020-14295).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.cacti.net/release_notes.php?version=1.2.13\");\n # https://vuxml.freebsd.org/freebsd/cd2dc126-cfe4-11ea-9172-4c72b94353b5.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?785abf15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14295\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13625\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"cacti<1.2.13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-08-07T14:51:17", "description": "This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation failure when editing colors (CVE-2020-14295, boo#1173090)\n\n - Lack of escaping on template import can lead to XSS exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with fs.protected_hardlinks=0 (boo#1154087): handle directory permissions in file section instead of using chown during post installation\n\n - rewrote apache configuration to get rid of .htaccess files and explicitely disable directory permissions per default (only allow a limited, well-known set of directories)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cacti", "p-cpe:/a:novell:opensuse:cacti-spine", "p-cpe:/a:novell:opensuse:cacti-spine-debuginfo", "p-cpe:/a:novell:opensuse:cacti-spine-debugsource", "cpe:/o:novell:opensuse:15.1", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1060.NASL", "href": "https://www.tenable.com/plugins/nessus/138985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1060.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138985);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13625\", \"CVE-2020-14295\");\n\n script_name(english:\"openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)\");\n script_summary(english:\"Check for the openSUSE-2020-1060 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation\n failure when editing colors (CVE-2020-14295,\n boo#1173090)\n\n - Lack of escaping on template import can lead to XSS\n exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with\n fs.protected_hardlinks=0 (boo#1154087): handle directory\n permissions in file section instead of using chown\n during post installation\n\n - rewrote apache configuration to get rid of .htaccess\n files and explicitely disable directory permissions per\n default (only allow a limited, well-known set of\n directories)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173090\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected cacti / cacti-spine packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14295\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debuginfo-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debugsource-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debuginfo-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debugsource-1.2.13-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cacti-spine / cacti-spine-debuginfo / cacti-spine-debugsource / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T23:04:05", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-09-23T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-14333", "CVE-2020-8203"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm"], "id": "REDHAT-RHSA-2020-3807.NASL", "href": "https://www.tenable.com/plugins/nessus/140750", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3807. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140750);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2020-8203\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-14333\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3807\");\n script_xref(name:\"IAVA\", value:\"2021-A-0347\");\n script_xref(name:\"IAVA\", value:\"2021-A-0032\");\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0196\");\n script_xref(name:\"IAVA\", value:\"2021-A-0194-S\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jquery: Passing HTML containing elements to manipulation methods could result in untrusted code\n execution (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1858184\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8203\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhev_manager_4_4_el8': [\n 'rhv-4.4-manager-for-rhel-8-x86_64-debug-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-rpms',\n 'rhv-4.4-manager-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-backend-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-dbscripts-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-health-check-bundler-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-restapi-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-base-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-tools-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-tools-backup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-ui-extensions-1.2.3-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-webadmin-portal-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-engine-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'ovirt-web-ui-1.6.4-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'python3-ovirt-engine-lib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']},\n {'reference':'rhvm-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4', 'repo_list':['rhev_manager_4_4_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-30T23:04:05", "description": "- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-09-14T00:00:00", "type": "nessus", "title": "Fedora 32 : drupal7 (2020-0b32a59b54)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662", "CVE-2020-13663"], "modified": "2021-06-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-0B32A59B54.NASL", "href": "https://www.tenable.com/plugins/nessus/140545", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-0b32a59b54.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140545);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/24\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\", \"CVE-2020-13663\");\n script_xref(name:\"FEDORA\", value:\"2020-0b32a59b54\");\n\n script_name(english:\"Fedora 32 : drupal7 (2020-0b32a59b54)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery -\n SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00\n 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site\n Scripting -\n SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00\n 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect -\n SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00\n 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-0b32a59b54\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13663\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"drupal7-7.72-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T23:03:39", "description": "- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-09-14T00:00:00", "type": "nessus", "title": "Fedora 31 : drupal7 (2020-fbb94073a1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662", "CVE-2020-13663"], "modified": "2021-06-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-FBB94073A1.NASL", "href": "https://www.tenable.com/plugins/nessus/140557", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-fbb94073a1.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140557);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/24\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\", \"CVE-2020-13663\");\n script_xref(name:\"FEDORA\", value:\"2020-fbb94073a1\");\n\n script_name(english:\"Fedora 31 : drupal7 (2020-fbb94073a1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery -\n SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00\n 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site\n Scripting -\n SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00\n 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect -\n SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00\n 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-fbb94073a1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13663\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"drupal7-7.72-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:12:17", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x prior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-04-22T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier (Apr 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-17521"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/148918", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148918);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13956\",\n \"CVE-2020-17521\"\n );\n\n script_name(english:\"Oracle Primavera Unifier (Apr 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is\n16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x\nprior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI\n (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks require human interaction from a person other than the attacker\n and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some\n of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier\n accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP\n Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or\n delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform\n (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where\n Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can\n result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuapr2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nget_install_count(app_name:'Oracle Primavera Unifier', exit_if_zero:TRUE);\n\nvar port = get_http_port(default:8002);\nget_kb_item_or_exit('www/weblogic/' + port + '/installed');\n\nvar app_info = vcf::get_app_info(app:'Oracle Primavera Unifier', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'min_version' : '16.1', 'fixed_version' : '16.2.16.5' },\n { 'min_version' : '17.7', 'fixed_version' : '17.12.11.7' },\n { 'min_version' : '18.8', 'fixed_version' : '18.8.18.4' },\n { 'min_version' : '19.12', 'fixed_version' : '19.12.14' },\n { 'min_version' : '20.12', 'fixed_version' : '20.12.4' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-02T00:15:41", "description": "An update of the openssl package has been released.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-04-07T00:00:00", "type": "nessus", "title": "Photon OS 4.0: Openssl PHSA-2021-4.0-0007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3449", "CVE-2021-3450"], "modified": "2021-08-27T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:4.0"], "id": "PHOTONOS_PHSA-2021-4_0-0007_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/148355", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0007. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148355);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\n \"CVE-2021-23840\",\n \"CVE-2021-23841\",\n \"CVE-2021-3449\",\n \"CVE-2021-3450\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"Photon OS 4.0: Openssl PHSA-2021-4.0-0007\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-7.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3450\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'openssl-1.1.1k-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'openssl-c_rehash-1.1.1k-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'openssl-devel-1.1.1k-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'openssl-docs-1.1.1k-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'openssl-perl-1.1.1k-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-01-02T00:14:15", "description": "The remote host is affected by the vulnerability described in GLSA-202103-03 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-04-01T00:00:00", "type": "nessus", "title": "GLSA-202103-03 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3449", "CVE-2021-3450"], "modified": "2021-08-30T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202103-03.NASL", "href": "https://www.tenable.com/plugins/nessus/148271", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202103-03.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148271);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/30\");\n\n script_cve_id(\"CVE-2021-23840\", \"CVE-2021-23841\", \"CVE-2021-3449\", \"CVE-2021-3450\");\n script_xref(name:\"GLSA\", value:\"202103-03\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"GLSA-202103-03 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202103-03\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202103-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.1.1k'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3450\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.1.1k\"), vulnerable:make_list(\"lt 1.1.1k\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-08-09T15:42:48", "description": "The 16.2.0-16.2.11, 17.12.0-17.12.7, 18.8.0-18.8.9, and 19.12.0-19.12.4 versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory.\n\n - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (Apache Ant)). Supported versions that are affected are 16.2.0-16.2.11 and 17.12.0-17.12.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Gateway.\n Successful attacks of this vulnerability can result in takeover of Primavera Gateway.\n\n - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (jQuery)). Supported versions that are affected are 16.2.0-16.2.11, 17.12.0-17.12.7, 18.8.0-18.8.9 and 19.12.0-19.12.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Gateway. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Gateway, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Gateway accessible data as well as unauthorized read access to a subset of Primavera Gateway accessible data.\n\n - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (Log4j)).\n Supported versions that are affected are 16.2.0-16.2.11, 17.12.0-17.12.7, 18.8.0-18.8.9 and 19.12.0-19.12.4.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTPS to compromise Primavera Gateway. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Primavera Gateway accessible data.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-16T00:00:00", "type": "nessus", "title": "Oracle Primavera Gateway (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1945", "CVE-2020-9488"], "modified": "2021-04-15T00:00:00", "cpe": ["cpe:/a:oracle:primavera_gateway"], "id": "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/138526", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138526);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\n \"CVE-2017-5645\",\n \"CVE-2020-1945\",\n \"CVE-2020-9488\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\"\n );\n script_bugtraq_id(97702);\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n\n script_name(english:\"Oracle Primavera Gateway (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The 16.2.0-16.2.11, 17.12.0-17.12.7, 18.8.0-18.8.9, and 19.12.0-19.12.4 versions of Primavera Gateway installed on the\nremote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory.\n\n - Vulnerability in the Primavera Gateway product of Oracle\n Construction and Engineering (component: Admin (Apache\n Ant)). Supported versions that are affected are\n 16.2.0-16.2.11 and 17.12.0-17.12.7. Easily exploitable\n vulnerability allows unauthenticated attacker with\n network access via HTTP to compromise Primavera Gateway.\n Successful attacks of this vulnerability can result in\n takeover of Primavera Gateway.\n\n - Vulnerability in the Primavera Gateway product of Oracle\n Construction and Engineering (component: Admin\n (jQuery)). Supported versions that are affected are\n 16.2.0-16.2.11, 17.12.0-17.12.7, 18.8.0-18.8.9 and\n 19.12.0-19.12.4. Easily exploitable vulnerability allows\n unauthenticated attacker with network access via HTTP to\n compromise Primavera Gateway. Successful attacks require\n human interaction from a person other than the attacker\n and while the vulnerability is in Primavera Gateway,\n attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of\n Primavera Gateway accessible data as well as\n unauthorized read access to a subset of Primavera\n Gateway accessible data.\n\n - Vulnerability in the Primavera Gateway product of Oracle\n Construction and Engineering (component: Admin (Log4j)).\n Supported versions that are affected are 16.2.0-16.2.11,\n 17.12.0-17.12.7, 18.8.0-18.8.9 and 19.12.0-19.12.4.\n Difficult to exploit vulnerability allows\n unauthenticated attacker with network access via SMTPS\n to compromise Primavera Gateway. Successful attacks of\n this vulnerability can result in unauthorized read\n access to a subset of Primavera Gateway accessible data.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujul2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujul2020.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2020 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5645\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_gateway\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_gateway.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Gateway\");\n script_require_ports(\"Services/www\", 8006);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nget_install_count(app_name:'Oracle Primavera Gateway', exit_if_zero:TRUE);\n\nport = get_http_port(default:8006);\n\napp_info = vcf::get_app_info(app:'Oracle Primavera Gateway', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '16.2.0',\n 'max_version' : '16.2.11',\n 'fixed_display' : 'Upgrade to the latest version or contact customer support for more information.'\n },\n { 'min_version' : '17.12.0', 'fixed_version' : '17.12.8' },\n { 'min_version' : '18.8.0', 'fixed_version' : '18.8.8.10' },\n { 'min_version' : '19.12.0', 'fixed_version' : '19.12.7' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-23T15:12:44", "description": "The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by a cross-site scripting (XSS) vulnerability in the ADF Faces (jQuery) component. An unauthenticated, remote attacker can exploit this issue to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "Oracle JDeveloper XSS (October 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jdeveloper"], "id": "ORACLE_JDEVELOPER_CPU_OCT_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/142146", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142146);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2020-11022\");\n\n script_name(english:\"Oracle JDeveloper XSS (October 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a cross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected \nby a cross-site scripting (XSS) vulnerability in the ADF Faces (jQuery) component. An unauthenticated, remote attacker\ncan exploit this issue to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other\nthan the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional\nproducts. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of\nOracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2020.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/advisories/GHSA-gxr4-xjj5-5px2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2020 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdeveloper\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_jdeveloper_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle JDeveloper\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_jdev::get_app_info();\n\nvar constraints = [\n { 'min_version':'11.1.1.9', 'fixed_version':'11.1.1.9.201020', 'missing_patch':'31985571' },\n { 'min_version':'12.2.1.3', 'fixed_version':'12.2.1.3.201007', 'missing_patch':'31985811' },\n { 'min_version':'12.2.1.4', 'fixed_version':'12.2.1.4.200817', 'missing_patch':'31762739' }\n];\n\nvcf::oracle_jdev::check_version_and_report(\n app_info:app_info,\n severity:SECURITY_WARNING,\n constraints:constraints,\n flags:{'xss':TRUE}\n);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-08T14:19:32", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2217 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-01T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console"], "id": "REDHAT-RHSA-2020-2217.NASL", "href": "https://www.tenable.com/plugins/nessus/136976", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2217. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136976);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-11022\");\n script_xref(name:\"RHSA\", value:\"2020:2217\");\n script_xref(name:\"IAVA\", value:\"2021-A-0032\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0196\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2217)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2020:2217 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828406\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected atomic-openshift-web-console package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'openshift_3_11_el7': [\n 'rhel-7-server-ose-3.11-debug-rpms',\n 'rhel-7-server-ose-3.11-rpms',\n 'rhel-7-server-ose-3.11-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'atomic-openshift-web-console-3.11.219-1.git.1.9b9b889.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'atomic-openshift-', 'repo_list':['openshift_3_11_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'atomic-openshift-web-console');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-29T13:11:37", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1131 advisory.\n\n - openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-07T00:00:00", "type": "nessus", "title": "RHEL 8 : openssl (RHSA-2021:1131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "cpe:/o:redhat:rhel_eus:8.1", "p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-perl"], "id": "REDHAT-RHSA-2021-1131.NASL", "href": "https://www.tenable.com/plugins/nessus/148379", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1131. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148379);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"RHSA\", value:\"2021:1131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0193\");\n\n script_name(english:\"RHEL 8 : openssl (RHSA-2021:1131)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:1131 advisory.\n\n - openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941554\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_e4s_8_1_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_1'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'openssl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-devel-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-devel-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-devel-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-devel-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-libs-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-libs-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-libs-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-libs-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-perl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-perl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'openssl-perl-1.1.1c-5.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl / openssl-devel / openssl-libs / openssl-perl');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:11:02", "description": "According to its self-reported version, the Tenable.sc application installed on the remote host is version 5.16.0 or 5.17.0 and affected by the following OpenSSL denial of service vulnerability:\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-09T00:00:00", "type": "nessus", "title": "Tenable.sc 5.16.0 / 5.17.0 OpenSSL DoS (TNS-2021-06)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-09-23T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_5_17_0_TNS_2021_06.NASL", "href": "https://www.tenable.com/plugins/nessus/148404", "sourceData": "#TRUSTED b2889fa2c2e5dbd337ffc0286a4f925b659dd562e95f1e7d962deedcbb1062c332b126ea1962353fc05171006e307181a100406dc774ff3323cc4152c0739b4d3e3c62233592c8b8690f6d58ee1820fbd5225a81738743b5d0f3ac3a5a7d37d9cecc8d1438a37ca930c8df3b5de66a8d041d59ea90ffc0d9be45cd613e597bea3bcdda9411b96f2a36cd1a560594ca2205bf09cabc6486b22d894dd7bf8f53f3b542f273f6220ea88b050f1a59749d3012e1463f71e144c9dacfa8e1e713f886fd0b91ef1c0b473fbe637a0b97e4082d740fd8126fb22a0bbe0ff3f20dcc8e18984d5968070d6512d90e26895b6379d5da7f56f45c0d92c1ddb4f6ee1d7e95667c53b994ddac11f2cbdfa5f02d145d8606671f6144e14a670d98d4e88d3d6ae8ce644badc2babaf968b190f952ef75cb79a54d07cb58486e85e46685aec0c575a80f79e238c6eaee04d2c8726e589d6af1449b810ed05dfc54d97b5f5ac491a333c89bc2495fb7ce29f7b05855c390af7e787e763c133b49c18fe77e3ffe1ff291ca98ef944423b795f051b13a681a33222a2a70678bdf118058ff5a8c4b30e20fc3e9c31270e6cd88049ac54320cdab9b0ca44fae4c6605b2581775fdaa76f8f50475fe7fc637b8a92321e40bbf30cfe73c270cddfdad9aaf1f27749c27064d4ba994bee21aa917d72897e42a229ae2c757eda68f1575252b114f128a55e3b8\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148404);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/23\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"Tenable.sc 5.16.0 / 5.17.0 OpenSSL DoS (TNS-2021-06)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable.sc application installed on the remote host is version 5.16.0 or\n5.17.0 and affected by the following OpenSSL denial of service vulnerability:\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a\n TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial\n ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result,\n leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation\n enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1\n versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not\n impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-06\");\n # https://docs.tenable.com/releasenotes/Content/tenablesc/tenablesc2021041.htm\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c531f5e9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Tenable.sc Patch SC-202104.1 or update to version 5.18.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\");\n script_require_ports(\"installed_sw/Tenable SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::tenable_sc::get_app_info();\n\nif (app_info.version !~ \"^5.1[67].0$\")\n audit(AUDIT_INST_VER_NOT_VULN, app_info.app, app_info.version);\n\nvar patches = make_list('SC-202104.1');\nvcf::tenable_sc::check_for_patch(app_info:app_info, patches:patches);\n\nvcf::report_results(app_info:app_info, fix:'Tenable.sc Patch SC-202104.1', severity:SECURITY_WARNING);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-23T12:07:55", "description": "According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1960)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-06-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1960.NASL", "href": "https://www.tenable.com/plugins/nessus/150247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150247);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/08\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1960)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously\n crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits\n the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue. All OpenSSL 1.1.1 versions are\n affected by this issue. Users of these versions should\n upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not\n impacted by this issue. Fixed in OpenSSL 1.1.1k\n (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1960\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7b3bc934\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-perl-1.1.1f-7.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:48:29", "description": "According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : openssl (EulerOS-SA-2021-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-06-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2021-1970.NASL", "href": "https://www.tenable.com/plugins/nessus/150252", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150252);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/08\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : openssl (EulerOS-SA-2021-1970)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously\n crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits\n the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue. All OpenSSL 1.1.1 versions are\n affected by this issue. Users of these versions should\n upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not\n impacted by this issue. Fixed in OpenSSL 1.1.1k\n (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1970\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3d85e09\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-perl-1.1.1f-7.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:41:33", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.Security Fix(es):An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-2052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2052.NASL", "href": "https://www.tenable.com/plugins/nessus/151230", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151230);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-2052)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL toolkit provides support for secure\n communications between machines. OpenSSL includes a\n certificate management tool and shared libraries which\n provide various cryptographic algorithms and\n protocols.Security Fix(es):An OpenSSL TLS server may\n crash if sent a maliciously crafted renegotiation\n ClientHello message from a client. If a TLSv1.2\n renegotiation ClientHello omits the\n signature_algorithms extension (where it was present in\n the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2052\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6550a1b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-perl-1.1.1f-7.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:46:25", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.Security Fix(es):An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-2063)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2063.NASL", "href": "https://www.tenable.com/plugins/nessus/151239", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151239);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : openssl (EulerOS-SA-2021-2063)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL toolkit provides support for secure\n communications between machines. OpenSSL includes a\n certificate management tool and shared libraries which\n provide various cryptographic algorithms and\n protocols.Security Fix(es):An OpenSSL TLS server may\n crash if sent a maliciously crafted renegotiation\n ClientHello message from a client. If a TLSv1.2\n renegotiation ClientHello omits the\n signature_algorithms extension (where it was present in\n the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2063\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?64227b37\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h14.eulerosv2r9\",\n \"openssl-perl-1.1.1f-7.h14.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:40:00", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : openssl (EulerOS-SA-2021-1985)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-06-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1985.NASL", "href": "https://www.tenable.com/plugins/nessus/151033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151033);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/30\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : openssl (EulerOS-SA-2021-1985)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously\n crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits\n the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1985\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?78f0911c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1-3.h15.eulerosv2r8\",\n \"openssl-devel-1.1.1-3.h15.eulerosv2r8\",\n \"openssl-libs-1.1.1-3.h15.eulerosv2r8\",\n \"openssl-perl-1.1.1-3.h15.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:40:00", "description": "According to the version of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-06-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : openssl (EulerOS-SA-2021-2020)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-07-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2021-2020.NASL", "href": "https://www.tenable.com/plugins/nessus/151159", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151159);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/02\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : openssl (EulerOS-SA-2021-2020)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - An OpenSSL TLS server may crash if sent a maliciously\n crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits\n the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a\n signature_algorithms_cert extension then a NULL pointer\n dereference will result, leading to a crash and a\n denial of service attack. A server is only vulnerable\n if it has TLSv1.2 and renegotiation enabled (which is\n the default configuration). OpenSSL TLS clients are not\n impacted by this issue. All OpenSSL 1.1.1 versions are\n affected by this issue. Users of these versions should\n upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not\n impacted by this issue. Fixed in OpenSSL 1.1.1k\n (Affected 1.1.1-1.1.1j).(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2020\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c5b185e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1-3.h15.eulerosv2r8\",\n \"openssl-devel-1.1.1-3.h15.eulerosv2r8\",\n \"openssl-libs-1.1.1-3.h15.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-21T12:39:58", "description": "According to the version of the openssl1.1.1d packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.Security Fix(es):A flaw was found in openssl.\n A sA flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system availability.\n crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system availability.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-07-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl1.1.1d (EulerOS-SA-2021-2225)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-07-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl111d", "p-cpe:/a:huawei:euleros:openssl111d-devel", "p-cpe:/a:huawei:euleros:openssl111d-libs", "p-cpe:/a:huawei:euleros:openssl111d-static", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2225.NASL", "href": "https://www.tenable.com/plugins/nessus/151772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151772);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/21\");\n\n script_cve_id(\n \"CVE-2021-3449\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl1.1.1d (EulerOS-SA-2021-2225)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl1.1.1d packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL toolkit provides support for secure\n communications between machines. OpenSSL includes a\n certificate management tool and shared libraries which\n provide various cryptographic algorithms and\n protocols.Security Fix(es):A flaw was found in openssl.\n A sA flaw was found in openssl. A server crash and\n denial of service attack could occur if a client sends\n a TLSv1.2 renegotiation ClientHello and omits the\n signature_algorithms extension but includes a\n signature_algorithms_cert extension. The highest threat\n from this vulnerability is to system availability.\n crash and denial of service attack could occur if a\n client sends a TLSv1.2 renegotiation ClientHello and\n omits the signature_algorithms extension but includes a\n signature_algorithms_cert extension. The highest threat\n from this vulnerability is to system\n availability.(CVE-2021-3449)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2225\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2b7bdae5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl1.1.1d package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl111d-1.1.1d-2.h9.eulerosv2r7\",\n \"openssl111d-devel-1.1.1d-2.h9.eulerosv2r7\",\n \"openssl111d-libs-1.1.1d-2.h9.eulerosv2r7\",\n \"openssl111d-static-1.1.1d-2.h9.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl1.1.1d\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-11T16:55:53", "description": "The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2751 advisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-09-02T00:00:00", "type": "nessus", "title": "Debian DLA-2751-1 : postgresql-9.6 - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-09-02T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libecpg-compat3:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libecpg-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libecpg6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libpgtypes3:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libpq-dev:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:libpq5:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-9.6-dbg:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-client-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-contrib-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-doc-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-plperl-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-plpython-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-plpython3-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-pltcl-9.6:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-server-dev-9.6:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-2751.NASL", "href": "https://www.tenable.com/plugins/nessus/152966", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2751. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152966);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/02\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0193\");\n\n script_name(english:\"Debian DLA-2751-1 : postgresql-9.6 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2751\nadvisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL\n pointer dereference will result, leading to a crash and a denial of service attack. A server is only\n vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS\n clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of\n these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in\n OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://security-tracker.debian.org/tracker/source-package/postgresql-9.6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?350b32e8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2751\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/postgresql-9.6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the postgresql-9.6 packages.\n\nFor Debian 9 stretch, this problem has been fixed in version 9.6.23-0+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-compat3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpgtypes3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-client-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-contrib-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-doc-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plperl-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plpython-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plpython3-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-pltcl-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-server-dev-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libecpg-compat3', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'libecpg-dev', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'libecpg6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'libpgtypes3', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'libpq-dev', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'libpq5', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-9.6-dbg', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-client-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-contrib-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-doc-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-plperl-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-plpython-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-plpython3-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-pltcl-9.6', 'reference': '9.6.23-0+deb9u1'},\n {'release': '9.0', 'prefix': 'postgresql-server-dev-9.6', 'reference': '9.6.23-0+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg-compat3 / libecpg-dev / libecpg6 / libpgtypes3 / libpq-dev / etc');\n}\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:13:19", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4891-1 advisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-25T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : OpenSSL vulnerability (USN-4891-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-27T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:libcrypto1.1-udeb", "p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl1.1", "p-cpe:/a:canonical:ubuntu_linux:libssl1.1-udeb", "p-cpe:/a:canonical:ubuntu_linux:openssl"], "id": "UBUNTU_USN-4891-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148130", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4891-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148130);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"USN\", value:\"4891-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : OpenSSL vulnerability (USN-4891-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as\nreferenced in the USN-4891-1 advisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL\n pointer dereference will result, leading to a crash and a denial of service attack. A server is only\n vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS\n clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of\n these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in\n OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4891-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcrypto1.1-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.1-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libcrypto1.1-udeb', 'pkgver': '1.1.1-1ubuntu2.1~18.04.9'},\n {'osver': '18.04', 'pkgname': 'libssl-dev', 'pkgver': '1.1.1-1ubuntu2.1~18.04.9'},\n {'osver': '18.04', 'pkgname': 'libssl1.1', 'pkgver': '1.1.1-1ubuntu2.1~18.04.9'},\n {'osver': '18.04', 'pkgname': 'libssl1.1-udeb', 'pkgver': '1.1.1-1ubuntu2.1~18.04.9'},\n {'osver': '18.04', 'pkgname': 'openssl', 'pkgver': '1.1.1-1ubuntu2.1~18.04.9'},\n {'osver': '20.04', 'pkgname': 'libcrypto1.1-udeb', 'pkgver': '1.1.1f-1ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'libssl-dev', 'pkgver': '1.1.1f-1ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'libssl1.1', 'pkgver': '1.1.1f-1ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'libssl1.1-udeb', 'pkgver': '1.1.1f-1ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'openssl', 'pkgver': '1.1.1f-1ubuntu2.3'},\n {'osver': '20.10', 'pkgname': 'libcrypto1.1-udeb', 'pkgver': '1.1.1f-1ubuntu4.3'},\n {'osver': '20.10', 'pkgname': 'libssl-dev', 'pkgver': '1.1.1f-1ubuntu4.3'},\n {'osver': '20.10', 'pkgname': 'libssl1.1', 'pkgver': '1.1.1f-1ubuntu4.3'},\n {'osver': '20.10', 'pkgname': 'libssl1.1-udeb', 'pkgver': '1.1.1f-1ubuntu4.3'},\n {'osver': '20.10', 'pkgname': 'openssl', 'pkgver': '1.1.1f-1ubuntu4.3'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libcrypto1.1-udeb / libssl-dev / libssl1.1 / libssl1.1-udeb / openssl');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:11:57", "description": "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is version 5.13.x < 5.18.0 and affected by the following OpenSSL denial of service vulnerability: \n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-01T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter 5.13.x < 5.18.0 DoS (TNS-2021-06)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-27T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter", "cpe:/a:openssl:openssl"], "id": "SECURITYCENTER_OPENSSL_1_1_1K_TNS_2021_03.NASL", "href": "https://www.tenable.com/plugins/nessus/148280", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148280);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"Tenable SecurityCenter 5.13.x < 5.18.0 DoS (TNS-2021-06)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is \nversion 5.13.x < 5.18.0 and affected by the following OpenSSL denial of service vulnerability: \n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL\n pointer dereference will result, leading to a crash and a denial of service attack. A server is only\n vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS\n clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of\n these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in\n OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the\napplication's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20210325.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-06\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Tenable SecurityCenter 5.18.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\", \"securitycenter_detect.nbin\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Host/SecurityCenter/Version\", \"installed_sw/SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# try first local\nlocal_version = get_kb_item('Host/SecurityCenter/Version');\nif (!empty_or_null(local_version))\n{\n app_info = vcf::tenable_sc::get_app_info();\n}\nelse\n{\n # otherwise, remote\n port = get_http_port(default:443, dont_exit:TRUE);\n app_info = vcf::tenable_sc::get_app_info(port:port);\n}\n\n# let's check if the version is within the vulnerable range\nconstraints = [\n {'min_version': '5.13.0', 'fixed_version':'5.18.0'}\n];\n\nvcf::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-29T13:11:02", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1063 advisory.\n\n - openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-05T00:00:00", "type": "nessus", "title": "RHEL 8 : openssl (RHSA-2021:1063)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-perl"], "id": "REDHAT-RHSA-2021-1063.NASL", "href": "https://www.tenable.com/plugins/nessus/148317", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1063. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148317);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"RHSA\", value:\"2021:1063\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0193\");\n\n script_name(english:\"RHEL 8 : openssl (RHSA-2021:1063)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:1063 advisory.\n\n - openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941554\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'openssl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-devel-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-devel-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-devel-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-devel-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-libs-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-libs-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-libs-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-libs-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-perl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-perl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'openssl-perl-1.1.1c-18.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl / openssl-devel / openssl-libs / openssl-perl');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). \n\nThis plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2022-02-07T00:00:00", "type": "nessus", "title": "Siemens (CVE-2021-3449)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2022-02-07T00:00:00", "cpe": ["cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1212fc_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1214_fc_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1215_fc_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware", "cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware", "cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware"], "id": "TENABLE_OT_SIEMENS_CVE-2021-3449.NASL", "href": "https://www.tenable.com/plugins/ot/500504", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(500504);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/07\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"DSA\", value:\"DSA-4875\");\n script_xref(name:\"GLSA\", value:\"GLSA-202103-03\");\n script_xref(name:\"FEDORA\", value:\"FEDORA-2021-cbf14ab8f9\");\n\n script_name(english:\"Siemens (CVE-2021-3449)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OT asset is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a\nTLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial\nClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to\na crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which\nis the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are\naffected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this\nissue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). \n\nThis plugin only works with Tenable.ot. Please visit\nhttps://www.tenable.com/products/tenable-ot for more information.\");\n # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6aafb4b2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20210325.txt\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8a21cd9d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2021/dsa-4875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.netapp.com/advisory/ntap-20210326-0006/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2021/03/27/1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2021/03/27/2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2021/03/28/3\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2021/03/28/4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202103-03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-06\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-05\");\n # https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9e6d325e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kc.mcafee.com/corporate/index?page=content&id=SB10356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-09\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.netapp.com/advisory/ntap-20210513-0002/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-10\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuApr2021.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com//security-alerts/cpujul2021.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Refer to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(476);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1212fc_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1214_fc_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1215_fc_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Tenable.ot\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_ot_api_integration.nasl\");\n script_require_keys(\"Tenable.ot/Siemens\");\n\n exit(0);\n}\n\n\ninclude('tenable_ot_cve_funcs.inc');\n\nget_kb_item_or_exit('Tenable.ot/Siemens');\n\nvar asset = tenable_ot::assets::get(vendor:'Siemens');\n\nvar vuln_cpes = {\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1212fc_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1214_fc_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1215_fc_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware\" : {},\n \"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware\" : {}\n};\n\ntenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:49:27", "description": "A NULL pointer dereference was found in the signature_algorithms processing in OpenSSL, a Secure Sockets Layer toolkit, which could result in denial of service.\n\nAdditional details can be found in the upstream advisory:\nhttps://www.openssl.org/news/secadv/20210325.txt", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "Debian DSA-4875-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-30T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:openssl:*:*:*:*:*:*:*"], "id": "DEBIAN_DSA-4875.NASL", "href": "https://www.tenable.com/plugins/nessus/148170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4875. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148170);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/30\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"DSA\", value:\"4875\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"Debian DSA-4875-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A NULL pointer dereference was found in the signature_algorithms\nprocessing in OpenSSL, a Secure Sockets Layer toolkit, which could\nresult in denial of service.\n\nAdditional details can be found in the upstream advisory:\nhttps://www.openssl.org/news/secadv/20210325.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20210325.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4875\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.1d-0+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-dev\", reference:\"1.1.1d-0+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-doc\", reference:\"1.1.1d-0+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1\", reference:\"1.1.1d-0+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.1d-0+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"openssl\", reference:\"1.1.1d-0+deb10u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:48:48", "description": "This update for openssl-1_1 fixes the security issue :\n\n - CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue. [bsc#1183852]\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_1 (openSUSE-2021-476)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-27T00:00:00", "cpe": ["cpe:2.3:o:novell:opensuse:15.2:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl-1_1-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl-1_1-devel-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1-32bit-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1-hmac:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:libopenssl1_1-hmac-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:openssl-1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:openssl-1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:opensuse:openssl-1_1-debugsource:*:*:*:*:*:*:*"], "id": "OPENSUSE-2021-476.NASL", "href": "https://www.tenable.com/plugins/nessus/148176", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-476.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148176);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_1 (openSUSE-2021-476)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_1 fixes the security issue :\n\n - CVE-2021-3449: An OpenSSL TLS server may crash if sent a\n maliciously crafted renegotiation ClientHello message\n from a client. If a TLSv1.2 renegotiation ClientHello\n omits the signature_algorithms extension but includes a\n signature_algorithms_cert extension, then a NULL pointer\n dereference will result, leading to a crash and a denial\n of service attack. OpenSSL TLS clients are not impacted\n by this issue. [bsc#1183852]\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1183852\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl-1_1 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libopenssl-1_1-devel-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libopenssl1_1-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libopenssl1_1-debuginfo-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libopenssl1_1-hmac-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"openssl-1_1-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"openssl-1_1-debuginfo-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"openssl-1_1-debugsource-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.1d-lp152.7.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.1d-lp152.7.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:49:25", "description": "This update for openssl-1_1 fixes the security issue :\n\nCVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue.\n[bsc#1183852]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:0955-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-27T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:15:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl-1_1-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-32bit-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-hmac:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1-debugsource:*:*:*:*:*:*:*"], "id": "SUSE_SU-2021-0955-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0955-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148167);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:0955-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_1 fixes the security issue :\n\nCVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously\ncrafted renegotiation ClientHello message from a client. If a TLSv1.2\nrenegotiation ClientHello omits the signature_algorithms extension but\nincludes a signature_algorithms_cert extension, then a NULL pointer\ndereference will result, leading to a crash and a denial of service\nattack. OpenSSL TLS clients are not impacted by this issue.\n[bsc#1183852]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183852\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3449/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210955-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a1a3e80\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE MicroOS 5.0 :\n\nzypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-955=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP3 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-955=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-955=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libopenssl-1_1-devel-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libopenssl1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libopenssl1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"libopenssl1_1-hmac-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"openssl-1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"openssl-1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"3\", reference:\"openssl-1_1-debugsource-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libopenssl-1_1-devel-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libopenssl1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libopenssl1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libopenssl1_1-hmac-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"openssl-1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"openssl-1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"openssl-1_1-debugsource-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libopenssl-1_1-devel-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libopenssl1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libopenssl1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"libopenssl1_1-hmac-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"openssl-1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"openssl-1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"3\", reference:\"openssl-1_1-debugsource-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libopenssl-1_1-devel-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libopenssl1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libopenssl1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libopenssl1_1-hmac-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"openssl-1_1-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"openssl-1_1-debuginfo-1.1.1d-11.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"openssl-1_1-debugsource-1.1.1d-11.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-12T14:47:43", "description": "This update for openssl-1_1 fixes the following security issue :\n\nCVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_cert extension, then a NULL pointer dereference will result, leading to a crash and a denial of service attack. OpenSSL TLS clients are not impacted by this issue.\n[bsc#1183852]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2021:0954-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-27T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1-debugsource:*:*:*:*:*:*:*"], "id": "SUSE_SU-2021-0954-1.NASL", "href": "https://www.tenable.com/plugins/nessus/148150", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:0954-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148150);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/27\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"IAVA\", value:\"2021-A-0149-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2021:0954-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_1 fixes the following security issue :\n\nCVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously\ncrafted renegotiation ClientHello message from a client. If a TLSv1.2\nrenegotiation ClientHello omits the signature_algorithms extension but\nincludes a signature_algorithms_cert extension, then a NULL pointer\ndereference will result, leading to a crash and a denial of service\nattack. OpenSSL TLS clients are not impacted by this issue.\n[bsc#1183852]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1183852\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3449/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20210954-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4bc2297f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-954=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2021-954=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2021-954=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2021-954=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-954=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-954=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-32bit-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debuginfo-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debugsource-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-32bit-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-debuginfo-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"openssl-1_1-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"openssl-1_1-debuginfo-1.1.1d-2.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"openssl-1_1-debugsource-1.1.1d-2.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-16T00:17:28", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:0955-2 advisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:0955-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3449"], "modified": "2022-07-14T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:15:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl-1_1-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-hmac:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl1_1-hmac-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libopenssl-1_1-devel-32bit:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:openssl-1_1-doc:*:*:*:*:*:*:*"], "id": "SUSE_SU-2021-0955-2.NASL", "href": "https://www.tenable.com/plugins/nessus/163092", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:0955-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163092);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/14\");\n\n script_cve_id(\"CVE-2021-3449\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:0955-2\");\n\n script_name(english:\"SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2021:0955-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:0955-2 advisory.\n\n - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a\n client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was\n present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL\n pointer dereference will result, leading to a crash and a denial of service attack. A server is only\n vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS\n clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of\n these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in\n OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). (CVE-2021-3449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1183852\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011541.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2a2b4b02\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3449\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libopenssl-1_1-devel-1.1.1d-11.20.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'libopenssl-1_1-devel-32bit-1.1.1d-11.20.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'libopenssl1_1-1.1.1d-11.20.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'libopenssl1_1-32bit-1.1.1d-11.20.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'libopenssl1_1-hmac-1.1.1d-11.20.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'libopenssl1_1-hmac-32bit-1.1.1d-11.20.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'openssl-1_1-1.1.1d-11.20.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']},\n {'reference':'openssl-1_1-doc-1.1.1d-11.20.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-certifications-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc');\n}\n", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-12-06T02:36:38", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2608-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nMarch 25, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : jquery\nVersion : 3.1.1-2+deb9u2\nCVE ID : CVE-2020-11022 CVE-2020-11023\n\nTwo vulnerabilities have been discovered in jquery's handling of\nuntrusted HTML which may result in execution of untrusted code.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.1.1-2+deb9u2.\n\nWe recommend that you upgrade your jquery packages.\n\nFor the detailed security status of jquery please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jquery\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-03-26T01:32:22", "type": "debian", "title": "[SECURITY] [DLA 2608-1] jquery security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-03-26T01:32:22", "id": "DEBIAN:DLA-2608-1:50303", "href": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-16T11:31:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4693-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 26, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : drupal7\nCVE ID : CVE-2020-11022 CVE-2020-11023 SA-CORE-2020-003\n\nSeveral vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect or\ncross-site scripting.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 7.52-2+deb9u10.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFor the detailed security status of drupal7 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-05-26T21:08:21", "type": "debian", "title": "[SECURITY] [DSA 4693-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-05-26T21:08:21", "id": "DEBIAN:DSA-4693-1:F5786", "href": "https://lists.debian.org/debian-security-announce/2020/msg00097.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-21T17:58:30", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4855-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 17, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2019-1551 CVE-2021-23840 CVE-2021-23841\nDebian Bug : 947949\n\nMultiple vulnerabilities have been discovered in OpenSSL, a Secure\nSockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring\nprocedure, an integer overflow in CipherUpdate and a NULL pointer\ndereference flaw X509_issuer_and_serial_hash() were found, which could\nresult in denial of service.\n\nAdditional details can be found in the upstream advisories\nhttps://www.openssl.org/news/secadv/20191206.txt and\nhttps://www.openssl.org/news/secadv/20210216.txt .\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.1.1d-0+deb10u5.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-17T13:40:59", "type": "debian", "title": "[SECURITY] [DSA 4855-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-02-17T13:40:59", "id": "DEBIAN:DSA-4855-1:B091B", "href": "https://lists.debian.org/debian-security-announce/2021/msg00035.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-17T23:29:59", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4855-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 17, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2019-1551 CVE-2021-23840 CVE-2021-23841\nDebian Bug : 947949\n\nMultiple vulnerabilities have been discovered in OpenSSL, a Secure\nSockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring\nprocedure, an integer overflow in CipherUpdate and a NULL pointer\ndereference flaw X509_issuer_and_serial_hash() were found, which could\nresult in denial of service.\n\nAdditional details can be found in the upstream advisories\nhttps://www.openssl.org/news/secadv/20191206.txt and\nhttps://www.openssl.org/news/secadv/20210216.txt .\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.1.1d-0+deb10u5.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-17T13:40:59", "type": "debian", "title": "[SECURITY] [DSA 4855-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2021-23840", "CVE-2021-23841"], "modified": "2021-02-17T13:40:59", "id": "DEBIAN:DSA-4855-1:4A0C0", "href": "https://lists.debian.org/debian-security-announce/2021/msg00035.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-01T14:37:51", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2751-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Christoph Berg\nAugust 31, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : postgresql-9.6\nVersion : 9.6.23-0+deb9u1\nCVE ID : CVE-2021-3449\n\nPostgreSQL 9.6.23 fixes this security issue:\n\n Disallow SSL renegotiation more completely (Michael Paquier)\n\n SSL renegotiation has been disabled for some time, but the server would\n still cooperate with a client-initiated renegotiation request. A\n maliciously crafted renegotiation request could result in a server crash\n (see OpenSSL issue CVE-2021-3449). Disable the feature altogether on\n OpenSSL versions that permit doing so, which are 1.1.0h and newer.\n\nFor Debian 9 stretch, this problem has been fixed in version\n9.6.23-0+deb9u1.\n\nWe recommend that you upgrade your postgresql-9.6 packages.\n\nFor the detailed security status of postgresql-9.6 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/postgresql-9.6\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-08-31T14:03:14", "type": "debian", "title": "[SECURITY] [DLA 2751-1] postgresql-9.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3449"], "modified": "2021-08-31T14:03:14", "id": "DEBIAN:DLA-2751-1:5F8DA", "href": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-29T22:22:56", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4875-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMarch 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2021-3449\n\nA NULL pointer dereference was found in the signature_algorithms\nprocessing in OpenSSL, a Secure Sockets Layer toolkit, which could\nresult in denial of service.\n\nAdditional details can be found in the upstream advisory:\nhttps://www.openssl.org/news/secadv/20210325.txt\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u6.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-03-25T15:41:28", "type": "debian", "title": "[SECURITY] [DSA 4875-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3449"], "modified": "2021-03-25T15:41:28", "id": "DEBIAN:DSA-4875-1:AE1B0", "href": "https://lists.debian.org/debian-security-announce/2021/msg00056.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T17:57:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4875-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nMarch 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2021-3449\n\nA NULL pointer dereference was found in the signature_algorithms\nprocessing in OpenSSL, a Secure Sockets Layer toolkit, which could\nresult in denial of service.\n\nAdditional details can be found in the upstream advisory:\nhttps://www.openssl.org/news/secadv/20210325.txt\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u6.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-03-25T15:41:28", "type": "debian", "title": "[SECURITY] [DSA 4875-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3449"], "modified": "2021-03-25T15:41:28", "id": "DEBIAN:DSA-4875-1:829EF", "href": "https://lists.debian.org/debian-security-announce/2021/msg00056.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T02:33:28", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4661-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 21, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2020-1967\n\nBernd Edlinger discovered that malformed data passed to the\nSSL_check_chain() function during or after a TLS 1.3 handshake could\ncause a NULL dereference, resulting in denial of service.\n\nThe oldstable distribution (stretch) is not affected.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u3.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T13:58:12", "type": "debian", "title": "[SECURITY] [DSA 4661-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T13:58:12", "id": "DEBIAN:DSA-4661-1:70270", "href": "https://lists.debian.org/debian-security-announce/2020/msg00064.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "drupal": [{"lastseen": "2021-08-26T17:45:21", "description": "The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are [...] security issues in jQuery\u2019s DOM manipulation methods, as in .html(), .append(), and the others. Security advisories for both of these issues have been published on GitHub. Those advisories are: CVE-2020-11022 CVE-2020-11023 These vulnerabilities may be exploitable on some Drupal sites. This Drupal security release backports the fixes to the relevant jQuery functions, without making any other changes to the jQuery version that is included in Drupal core or running on the site via some other module such as jQuery Update. It is not necessary to update jquery_update on Drupal 7 sites that have the module installed. Backwards-compatibility code has also been added to minimize regressions to Drupal sites that might rely on jQuery's prior behavior. With jQuery 3.5, incorrect self-closing HTML tags in JavaScript for elements where end tags are normally required will encounter a change in what jQuery returns or inserts. To minimize that disruption in 8.8.x and earlier, this security release retains jQuery's prior behavior for most safe tags. There may still be regressions for edge cases, including invalidly self-closed custom elements on Internet Explorer. (Note: the backwards compatibility layer will not be included in the upcoming Drupal 8.9 and 9.0 releases, so Drupal 8 and 9 modules, themes, and sites should correct tags in JavaScript to properly use closing tags.) If you find a regression caused by the jQuery changes, please report it in Drupal core's issue queue (or that of the relevant contrib project). However, if you believe you have found a security issue, please report it privately to the Drupal Security Team.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-05-20T00:00:00", "type": "drupal", "title": "Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002\n", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-05-20T00:00:00", "id": "DRUPAL-SA-CORE-2020-002", "href": "https://www.drupal.org/sa-core-2020-002", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2020-05-28T13:54:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for drupal7 (DSA-4693-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310704693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704693", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704693\");\n script_version(\"2020-05-28T03:00:10+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-28 03:00:10 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 03:00:10 +0000 (Thu, 28 May 2020)\");\n script_name(\"Debian: Security Advisory for drupal7 (DSA-4693-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4693.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4693-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the DSA-4693-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect or\ncross-site scripting.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 7.52-2+deb9u10.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.52-2+deb9u10\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-03T15:55:16", "description": "Discourse is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "openvas", "title": "Discourse < 2.5.0.beta5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310108764", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108764", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:discourse:discourse\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108764\");\n script_version(\"2020-05-29T07:55:07+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 07:55:07 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 11:42:13 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_name(\"Discourse < 2.5.0.beta5 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_discourse_detect.nasl\");\n script_mandatory_keys(\"discourse/detected\");\n\n script_tag(name:\"summary\", value:\"Discourse is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The following flaws exist / security fixes are included:\n\n - Re-adds accidentally reverted commit: Ensure embed_url contains valid http(s) uri\n\n - ERB execution in custom Email Style\n\n - Updates jQuery to 3.5.0 (from 3.4.1)\");\n\n script_tag(name:\"affected\", value:\"Discourse up to and including version 2.5.0.beta4.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.5.0.beta5 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://meta.discourse.org/t/discourse-2-5-0-beta5-release-notes/152760\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\n\nif( version_is_less( version:vers, test_version:\"2.5.0\" ) ||\n version_in_range( version:vers, test_version:\"2.5.0.beta1\", test_version2:\"2.5.0.beta4\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.0.beta5\", install_path:infos[\"location\"] );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-23T17:24:24", "description": "Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.", "cvss3": {}, "published": "2020-06-19T00:00:00", "type": "openvas", "title": "Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-06-19T00:00:00", "id": "OPENVAS:1361412562310144144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310144144", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:drupal:drupal\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.144144\");\n script_version(\"2020-06-19T07:08:34+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-19 07:08:34 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-19 04:59:39 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The jQuery project released version 3.5.0, and as part of that, disclosed\n two security vulnerabilities that affect all prior versions. These vulnerabilities may be exploitable on some\n Drupal sites.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.7.x and earlier and 8.8.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.70, 8.7.14, 8.8.6 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2020-002\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.69\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.70\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.7.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.14\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.8\", test_version2: \"8.8.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.8.6\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-23T17:24:24", "description": "Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.", "cvss3": {}, "published": "2020-06-19T00:00:00", "type": "openvas", "title": "Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-06-19T00:00:00", "id": "OPENVAS:1361412562310144145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310144145", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:drupal:drupal\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.144145\");\n script_version(\"2020-06-19T07:08:34+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-19 07:08:34 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-19 05:30:03 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The jQuery project released version 3.5.0, and as part of that, disclosed\n two security vulnerabilities that affect all prior versions. These vulnerabilities may be exploitable on some\n Drupal sites.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.7.x and earlier and 8.8.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.70, 8.7.14, 8.8.6 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2020-002\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.69\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.70\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.7.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.14\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.8\", test_version2: \"8.8.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.8.6\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-25T13:47:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-23T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for drupal8 (FEDORA-2020-36d2db5f51)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-06-24T00:00:00", "id": "OPENVAS:1361412562310877975", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877975", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877975\");\n script_version(\"2020-06-24T03:42:18+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-24 03:42:18 +0000 (Wed, 24 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-23 03:19:42 +0000 (Tue, 23 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for drupal8 (FEDORA-2020-36d2db5f51)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-36d2db5f51\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the FEDORA-2020-36d2db5f51 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Drupal is an open source content management platform powering millions of\nwebsites and applications. Its built, used, and supported by an active and\ndiverse community of people around the world.\");\n\n script_tag(name:\"affected\", value:\"'drupal8' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.9.0~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-21T20:10:01", "description": "Discourse is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2020-07-02T00:00:00", "type": "openvas", "title": "Discourse < 2.5.0.beta6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310108811", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108811", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:discourse:discourse\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108811\");\n script_version(\"2020-05-29T07:55:07+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 07:55:07 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-02 07:30:26 +0000 (Thu, 02 Jul 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_name(\"Discourse < 2.5.0.beta6 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_discourse_detect.nasl\");\n script_mandatory_keys(\"discourse/detected\");\n\n script_tag(name:\"summary\", value:\"Discourse is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The following flaws exist / security fixes are included:\n\n - Make find topic by slug adhere to SiteSetting.detailed_404\n\n - Use FinalDestination for topic embeds\n\n - Missing security check prior to redirect\");\n\n script_tag(name:\"affected\", value:\"Discourse up to and including version 2.5.0.beta5.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.5.0.beta6 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://meta.discourse.org/t/discourse-2-5-0-beta6-release-notes/153491\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\n\nif( version_is_less( version:vers, test_version:\"2.5.0\" ) ||\n version_in_range( version:vers, test_version:\"2.5.0.beta1\", test_version2:\"2.5.0.beta5\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.0.beta6\", install_path:infos[\"location\"] );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-18T15:23:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-d7b29838f6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877816", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877816", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877816\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:22:27 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-d7b29838f6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-d7b29838f6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-d7b29838f6 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-06T00:57:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-da2d1ef2d7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877748", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877748", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877748\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:15:21 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-da2d1ef2d7)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-da2d1ef2d7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-da2d1ef2d7 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-06T01:03:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-fcc91a28e8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877736", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877736", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877736\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:14:49 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-fcc91a28e8)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-fcc91a28e8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-fcc91a28e8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-12T15:40:21", "description": "jQuery is prone to a cross-site scripting vulnerability in jQuery.htmlPrefilter\n and related methods.", "cvss3": {}, "published": "2020-05-05T00:00:00", "type": "openvas", "title": "jQuery 1.2 < 3.5.0 XSS Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022"], "modified": "2020-05-11T00:00:00", "id": "OPENVAS:1361412562310143812", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143812", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:jquery:jquery\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143812\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-05 05:54:06 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"jQuery 1.2 < 3.5.0 XSS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jquery_detect.nasl\");\n script_mandatory_keys(\"jquery/detected\");\n\n script_tag(name:\"summary\", value:\"jQuery is prone to a cross-site scripting vulnerability in jQuery.htmlPrefilter\n and related methods.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Passing HTML from untrusted sources - even after sanitizing it - to one of\n jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.\");\n\n script_tag(name:\"affected\", value:\"jQuery versions 1.2 and prior to version 3.5.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 3.5.0 or later.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_is_greater_equal(version: version, test_version: \"1.2\") &&\n version_is_less(version: version, test_version: \"3.5.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.0\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-21T19:27:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-07T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0933-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310853254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853254", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853254\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-07 03:01:09 +0000 (Tue, 07 Jul 2020)\");\n script_name(\"openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0933-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0933-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rust, '\n package(s) announced via the openSUSE-SU-2020:0933-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n\n - Fixed the stabilization of AVX-512 features.\n\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n\n - Syntax only changes:\n\n * Allow `type Foo: Ord` syntactically.\n\n * Fuse associated and extern items up to defaultness.\n\n * Syntactically allow `self` in all `fn` contexts.\n\n * Merge `fn` syntax + cleanup item parsing.\n\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example, `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T, N]>`, `Box<[T, N]>`, and `Rc<[T, N]>`, now implement\n `TryFrom<Arc<[T]>>`, `TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n\n - `u8::is_ascii` is now `const`.\n\n - `String` now implements `AsMut<str>`.\n\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n\n - Relaxed some of the trait bounds on `HashMap` and `HashSe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'rust, ' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo\", rpm:\"cargo~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clippy\", rpm:\"clippy~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rls\", rpm:\"rls~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust\", rpm:\"rust~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-analysis\", rpm:\"rust-analysis~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-doc\", rpm:\"rust-doc~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-gdb\", rpm:\"rust-gdb~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-std-static\", rpm:\"rust-std-static~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rustfmt\", rpm:\"rustfmt~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo-doc\", rpm:\"cargo-doc~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-src\", rpm:\"rust-src~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ust-cbindgen\", rpm:\"ust-cbindgen~0.14.1~lp151.8.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:30:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-08T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310853258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853258", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853258\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-08 03:04:04 +0000 (Wed, 08 Jul 2020)\");\n script_name(\"openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.2\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0945-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rust, '\n package(s) announced via the openSUSE-SU-2020:0945-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n\n - Fixed the stabilization of AVX-512 features.\n\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n\n - Syntax only changes:\n\n * Allow `type Foo: Ord` syntactically.\n\n * Fuse associated and extern items up to defaultness.\n\n * Syntactically allow `self` in all `fn` contexts.\n\n * Merge `fn` syntax + cleanup item parsing.\n\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example, `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T, N]>`, `Box<[T, N]>`, and `Rc<[T, N]>`, now implement\n `TryFrom<Arc<[T]>>`, `TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n\n - `u8::is_ascii` is now `const`.\n\n - `String` now implements `AsMut<str>`.\n\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n\n - Relaxed some of the trait bounds on `HashMap` and `HashSe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'rust, ' package(s) on openSUSE Leap 15.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo\", rpm:\"cargo~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clippy\", rpm:\"clippy~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rls\", rpm:\"rls~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust\", rpm:\"rust~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-analysis\", rpm:\"rust-analysis~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-doc\", rpm:\"rust-doc~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-gdb\", rpm:\"rust-gdb~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-std-static\", rpm:\"rust-std-static~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rustfmt\", rpm:\"rustfmt~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo-doc\", rpm:\"cargo-doc~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-src\", rpm:\"rust-src~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ust-cbindgen\", rpm:\"ust-cbindgen~0.14.1~lp152.2.4.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-04T15:49:11", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2020-1613)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562311220201613", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201613", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1613\");\n script_version(\"2020-06-03T06:06:05+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 06:06:05 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:06:05 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2020-1613)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1613\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1613\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl111d' package(s) announced via the EulerOS-SA-2020-1613 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).(CVE-2020-1967)\");\n\n script_tag(name:\"affected\", value:\"'openssl111d' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d\", rpm:\"openssl111d~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-devel\", rpm:\"openssl111d-devel~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-libs\", rpm:\"openssl111d-libs~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-static\", rpm:\"openssl111d-static~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "checkpoint_advisories": [{"lastseen": "2022-02-16T23:43:03", "description": "A cross-site scripting vulnerability exists in jQuery. Successful exploitation of this vulnerability could result in execution of arbitrary scripts on the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-11-16T00:00:00", "type": "checkpoint_advisories", "title": "jQuery Cross Site Scripting (CVE-2020-11022; CVE-2020-11023)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-11-16T00:00:00", "id": "CPAI-2020-1183", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-16T19:39:34", "description": "A NULL pointer dereference vulnerability exists in OpenSSL TLS. Successful exploitation results in a denial of service condition on the affected service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-06-02T00:00:00", "type": "checkpoint_advisories", "title": "OpenSSL TLS NULL Pointer Dereference Denial of Service (CVE-2020-1967)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-06-02T00:00:00", "id": "CPAI-2020-0407", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ibm": [{"lastseen": "2022-06-29T02:08:10", "description": "## Summary\n\nQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the HTML() function. A remote attacker could exploit this vulnerability to execute script in a victim&#39;s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nDataQuant for z/OS| 2.1 \nDataQuant for Multiplatforms| 2.1 \n \n\n\n## Remediation/Fixes\n\nPlease see \"Workarounds.\"\n\n## Workarounds and Mitigations\n\n**Steps for DataQuant Workstation:**\n\n 1. Close DataQuant.\n 2. Navigate to the plugins directory present within DataQuant install directory.\n\nExample: <DATAQUANT_HOME>/DataQuant For Workstation/plugins\n\n 3. Locate the folder - [com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.7.20170216 in the above Directory. Take a backup & remove the directory along with contents from this location.\n 4. Download the attached zip file & extract it to a temporary location.\n 5. Place the extracted folder in the directory <DATAQUANT_HOME>/DataQuant For Workstation/plugins.\n 6. Once replaced, launch DataQuant.\n\n** **\n\n**Steps for DataQuant WebSphere:**\n\n 1. On a deployed product instance, stop the DataQuant WebSphere application.\n 2. Locate the plugin folder - [com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.7.20170216. Take a backup and remove it from the plugins directory.\n\nStandard location \u2192 <IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\ams-vm-qmf11Node01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\\n\n 3. Download the attached zip file & extract it to a temporary location.\n 4. Place the extracted folder in the directory \u2192 <IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\MyMachineNode01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\\n 5. Optionally, to copy files for WebSphere application server on windows using XCOPY command run step 6\n 6. Open command prompt with 'Run As Administrator' option and use the XCOPY command\n\nFor Example \u2192 Xcopy /E /I \"<UserLocationForDownloadedZip>\\[com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.8.20200927\" \"<IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\MyMachineNode01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\[com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.8.20200927\"\n\n 7. Start the DataQuant application within WebSphere.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n07 Oct 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSAUQR\",\"label\":\"IBM DataQuant for z\\/OS\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"2.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-07T21:15:08", "type": "ibm", "title": "Security Bulletin: Steps to update DataQuant Wrokstation ans DataQuant WebSphere plugins.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-07T21:15:08", "id": "CCFBBF17D9A696428033DD621D20DBA44A61CCB92DE126AC9B8A8CA1DDE1D0EB", "href": "https://www.ibm.com/support/pages/node/6344085", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:02:43", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Sourcing.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Sourcing| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n** Product Name**| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Sourcing| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Sourcing| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Sourcing| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYR8W\",\"label\":\"Emptoris Sourcing\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:54:47", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Sourcing (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:54:47", "id": "2A203D8BF52DCAFF8B5E95996A1B55C43D9BF20BC5F58B0B4D388698819D6CF7", "href": "https://www.ibm.com/support/pages/node/6377838", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:02:43", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Contract Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Contract Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Contract Management| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Contract Management| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Contract Management| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ89\",\"label\":\"Emptoris Contract Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:52:58", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Contract Management (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:52:58", "id": "941A5FB04B6C4DF5F07E2FBC7A84EADD1A839385EC770AAC6BDFEF5BC82847D9", "href": "https://www.ibm.com/support/pages/node/6377836", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:02:44", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Program Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Program Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| **Versions affected** | **Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Program Management| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Program Management| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Program Management| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=pgm_license-10.1.3.30.0&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYRER\",\"label\":\"Emptoris Program Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:49:41", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Program Management (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:49:41", "id": "ED796DA12F35B849EC739966324C81FE11BDCC6E2DCB25F912D4D4A08B754359", "href": "https://www.ibm.com/support/pages/node/6377828", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:10:08", "description": "## Summary\n\nIBM Tivoli Netcool Impact has addressed the following jQuery vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact 7.1.0| 7.1.0.0~7.1.0.18 \n \n## Remediation/Fixes\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Tivoli Netcool Impact 7.1.0| _7.1.0.19_| _IJ24826 _| [IBM Tivoli Netcool Impact 7.1.0 FP19](<https://www.ibm.com/support/pages/node/6210359> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n29 Jun 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSSHYH\",\"label\":\"Tivoli Netcool\\/Impact\"},\"Component\":\"-\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"7.1.0\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-29T15:31:22", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Netcool Impact is affected by jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-29T15:31:22", "id": "D16BB3B63F820806338161CA1080F3C27550FA2CD017A11E0C7250AB6C05CD77", "href": "https://www.ibm.com/support/pages/node/6241532", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T12:58:25", "description": "## Summary\n\nWe have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Kenexa LMS on premise| LMS 6.1 and Below \n \n \n\n\n## Remediation/Fixes\n\nIBM recommends updating to the latest release for customers who are using an affected version. The new version is available at IBM Passport Advantage web site.\n\nOnce on version 6.1, please proceed to download and apply the provided fix via Fix Central.\n\n**Steps to Download from Fix Central**\n\n * Log in to Fix Central (<https://www-945.ibm.com/support/fixcentral/>)\n * Select \" IBM Kenexa LMS\u201d from the Product Selector dropdown\n * Select \"6.1\" from the Installed version dropdown\n * Select \"Windows\" from the Platform dropdown\n * Click \"Continue\"\n * Select \"Browse for Fixes\u201d and click \"Continue\"\n\n**Download the following 3 files:**\n\n * Download the LMS 15.1.0 patch - p_15.1.0000_2021-01-08_07-43.zip or above \n * Download the PE 10.1.0 patch - IBM_Participate_10.1.0_2021.0216-cumulative.zip or above \n * Download the JQueryUpgrade_Instructions.zip\n\n**Steps to Follow in Version 6.1 ONLY:**\n\n1\\. Stop LMS 15.1.0 and Participate 10.1.0 Services\n\n2\\. Extract the JQueryUpgrade_Instructions.zip \n\nFYI\u2026Below files will display in extracted folder will find below files \n\nJQueryUpgrade.zip, \n\nJQueryUpgrade-PE-Instructions.txt\n\nJQueryUpgrade-LMSInstructions.txt\n\nJQueryUpgrade-PE-REVERT-Instructions.txt \n\nJQueryUpgrade-LMS-REVERT-Instructions.txt\n\n3\\. Open the \u201cJQueryUpgrade-PE-Instructions.txt\u201d file & follow each step in PE application folders to upgrade J-query\n\n4\\. Open the \u201cJQueryUpgrade-LMSInstructions.txt\u201d file & follow each step in LMS application folders to upgrade J-query\n\n5\\. Start the LMS 15.1.0 & PE10.1.0 services\n\n\\-----------------------------------------------------------------------------------------------------------------------------\n\n**Note:** *** Please download \"JQueryUpgrade_Instructions\" while applying the latest patch for LMS build version 15.1.0 and Participate 10.1.0. This is a one time requirement and in instance where you have already applied \"JQueryUpgrade_Instructions\", then re-applying the same in future cumulative fixes is not required and you may proceed with regular patching process***\n\n\\------------------------------------------------------------------------------------------------------------------------------------\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n22 Mar 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU055\",\"label\":\"Cognitive Applications\"},\"Product\":{\"code\":\"SSDN58\",\"label\":\"IBM Kenexa LMS\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"LMS 6.1 and Below\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-03-23T06:32:08", "type": "ibm", "title": "Security Bulletin: IBM Kenexa LMS On Premise -[All] jQuery (Publicly disclosed vulnerability) - CVE-2020-11023, CVE-2020-11022", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-03-23T06:32:08", "id": "D737A8C94C930B47803CAEB6FC01A6B08302D409FE64A0E40960433AFCACF7A4", "href": "https://www.ibm.com/support/pages/node/6435075", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:02:42", "description": "## Summary\n\njQuery publicly disclosed vulnerability affects IBM Emptoris Strategic Supply Management Platform.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Strategic Supply Management Platform| 10.1.0.x,10.1.1.x,10.1.3.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| **Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Strategic Supply Management Platform| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Strategic Supply Management Platform| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Strategic Supply Management Platform| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ72\",\"label\":\"Emptoris Strategic Supply Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:51:39", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:51:39", "id": "73C56B324A2080FA9C0CB45D26C0A4523AA2C160E0E404D5B47EF65512D83AFF", "href": "https://www.ibm.com/support/pages/node/6377832", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:03:37", "description": "## Summary\n\nJQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting (XSS) \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Security QRadar Packet Capture 7.3.0 to 7.3.3 Patch 2\n\nIBM Security QRadar Packet Capture 7.4.0 to 7.4.1 GA\n\n \n\n\n## Remediation/Fixes\n\n[IBM Security QRadar Packet Capture 7.3.3 Patch 3](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=All&platform=Linux&function=fixId&fixids=7.3.3-QRadar-PCAP-build-373&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM Security QRadar Packet Capture 7.3.3 Patch 3\" )\n\n[IBM Security QRadar Packet Capture 7.4.1 Patch 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=All&platform=Linux&function=fixId&fixids=7.4.1-QRadar-PCAP-build-442&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM Security QRadar Packet Capture 7.4.1 Patch 1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n30 Oct 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Product\":{\"code\":\"SSUJWP\",\"label\":\"IBM Security QRadar Packet Capture\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4\",\"Edition\":\"All Editions\"}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-30T14:54:33", "type": "ibm", "title": "Security Bulletin: JQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-30T14:54:33", "id": "46408A14D896F2590474D3B129B44EA3EC035B71D283468445233579BDC6BEE8", "href": "https://www.ibm.com/support/pages/node/6357529", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:07:15", "description": "## Summary\n\nThere are multiple vulnerabilities in jQuery that affect IBM WIoTP MessageGateway.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM WIoTP MessageGateway| 5.0.0.1 \nIBM IoT MessageSight| 5.0.0.0 \nIBM IoT MessageSight| 2.0 \n \n \n\n\n## Remediation/Fixes\n\n_Product_ | _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM WIoTP MessageGateway_| \n\n_5.0.0.2_\n\n| \n\n_IT33689_\n\n| [_5.0.0.2-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255218>) \n_IBM MessageSight_| \n\n_5.0.0.0_\n\n| \n\n_IT33689_\n\n| [_5.0.0.0-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255216>) \n_IBM MessageSight_| \n\n_2.0.0.2_\n\n| \n\n_IT33689_\n\n| [_2.0.0.2-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255214>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n31 Jul 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSF79B\",\"label\":\"IBM Watson IoT Platform - Message Gateway\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.0.0.2, 5.0.0.0, 5.0.0.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-08-11T19:22:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jQuery affect IBM WIoTP MessageGateway (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-08-11T19:22:50", "id": "4C098F2F4DD25A03B6FD67587B106604BA4957943FBB7B66868AD8F6F9AEAA0C", "href": "https://www.ibm.com/support/pages/node/6258085", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:04:46", "description": "## Summary\n\nIBM MobileFirst Platform Foundation has addressed the following vulnerability: Multiple Vulnerabilities in jQuery\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM MobileFirst Foundation| 8.x.x \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **Remediation/First Fix** \n---|---|--- \nIBM MobileFirst Platform Foundation| 8.0.0.0| Download the iFix from [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=8.0.0.0-MFPF-IF202001211306&source=SAR> \"IBM MobileFirst Platform Foundation on FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n17 Sep 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSVNUQ\",\"label\":\"IBM MobileFirst Platform Foundation\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF031\",\"label\":\"Ubuntu\"}],\"Version\":\"7.1.0.0, 8.0.0.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-07T10:53:47", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in jQuery fixed in Mobile Foundation ( CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-07T10:53:47", "id": "97DBA1E30952A387E9FFBBCBC4073EB22E406C0722006EEFFCFE53B1712D7E07", "href": "https://www.ibm.com/support/pages/node/6343835", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:00:29", "description": "## Summary\n\nThe web server in IBM Security Verify Information Queue (ISIQ) uses an older version of the jQuery package that has two cross-site scripting vulnerabilities. As of v10.0.0, ISIQ has upgraded to a newer, secure version of jQuery. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Verify Information Queue| 1.0.6, 1.0.7 \n \n\n\n## Remediation/Fixes\n\nDownload and install the latest IBM Security Verify Information Queue images (tagged at 10.0.0 or greater) from the Docker Hub repository. The instructions for accessing and deploying the images can be found on the ISIQ starter kit page: <https://www.ibm.com/support/pages/ibm-security-information-queue-starter-kit>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nYes, specilialized conditions must exit. Attack relies on other vulnerability or specific configuration.\n\n## Change History\n\n02 Feb 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Product\":{\"code\":\"SSCMMF\",\"label\":\"IBM Security Information Queue\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"1.0.6, 1.0.7\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-02-10T17:05:43", "type": "ibm", "title": "Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with known vulnerabilities (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-02-10T17:05:43", "id": "EBD6110D65EB41702B40A5795DBF9BE4F150B84442976771BAD2D5EE26847349", "href": "https://www.ibm.com/support/pages/node/6414351", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:02:42", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Spend Analysis.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Spend Analysis| 10.1.3.x,10.1.1.x,10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Spend Analysis| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_analysis_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Spend Analysis| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_Manager_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Spend Analysis| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_Manager_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQAR\",\"label\":\"Emptoris Spend Analysis\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:54:58", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Spend Analysis (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:54:58", "id": "5CFA2CCBFE05295C7186239383AF12E6EC68C33A3ED0A1976150849CCB589A37", "href": "https://www.ibm.com/support/pages/node/6377840", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:07:19", "description": "## Summary\n\nJQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 2\n\n## Remediation/Fixes\n\n[IBM QRadar Network Packet Capture 7.4.1 GA](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+QRadar+Network+Packet+Capture+Appliance&release=All&platform=Linux&function=fixId&fixids=7.4.1-QRadar-NETPCAP-Upgrade-1107&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar Network Packet Capture \u00a07.4.1 GA\" )\n\n[IBM QRadar Network Packet Capture 7.3.3 Patch 3](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+QRadar+Network+Packet+Capture+Appliance&release=All&platform=Linux&function=fixId&fixids=7.3.3-QRadar-NETPCAP-Upgrade-10&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar Network Packet Capture \u00a07.3.3 Patch 3\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n10 Aug 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMU35\",\"label\":\"IBM QRadar Network Packet Capture Software\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-08-10T20:34:42", "type": "ibm", "title": "Security Bulletin: JQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-08-10T20:34:42", "id": "9A20509E1E544EB20A59DA9FC7AF82F400FE5F811F4BF6223A61E0E7FD269C22", "href": "https://www.ibm.com/support/pages/node/6257859", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:05:53", "description": "## Summary\n\nWe have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Kenexa LCMS Premier on premise| 14.0 and below \n \n\n\n## Remediation/Fixes\n\nIBM recommends updating to the latest release for customers who are using an affected version. The new version is available at IBM Passport Advantage web site. \n\nOnce on version 14.0, please proceed to download and apply the provided fix via Fix Central.\n\n**Steps to Download from Fix Central**\n\n * Log in to Fix Central (<https://www-945.ibm.com/support/fixcentral/>)\n * Select \"IBM Kenexa LCMS Premier\u201d from the Product Selector dropdown\n * Select \"14.0\" from the Installed version dropdown\n * Select \"Windows\" from the Platform dropdown\n * Click \"Continue\"\n * Select \"Browse for Fixes\u201d and click \"Continue\"\n\n**Download the following 2 files:**\n\n * Download the 14.0.0 patch - p_14.0.0058_2020-08-28_06-52.zip or above\n\n**Steps to Follow in Version 14.0 ONLY:**\n\n 1. Remove all plugins: \n 1. From ConfigWiz.exe, check \"Advanced\" checkbox, then click \"Stop Services\".\n 2. Move all jar and all zip files from plugin folder to somewhere else.\n 3. From ConfigWiz.exe, click \"Add/Remove Plugins\".\n 2. Install the plugin or patch: \n 1. Move or copy the new plugin file or patch into the plugin folder.\n 2. From ConfigWiz.exe, click \"Advanced\" checkbox, then click \"Add/Remove Plugins\".\n 3. Re-Start Services\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n10 Sep 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU055\",\"label\":\"Cognitive Applications\"},\"Product\":{\"code\":\"SSDN47\",\"label\":\"IBM Kenexa LCMS Premier\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"LCMS Premier 14.0 and Below\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-09-11T06:37:01", "type": "ibm", "title": "Security Bulletin: IBM Kenexa LCMS Premier On Premise - [All] jQuery (Publicly disclosed vulnerability) CVE-2020-11023, CVE-2020-11022", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-09-11T06:37:01", "id": "333C119D3A0437BF92826DA551039CEEC4C96ACBE2B033BC949AB1809D25154B", "href": "https://www.ibm.com/support/pages/node/6332181", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T12:50:37", "description": "## Summary\n\nIBM Aspera Webapps are vulnerable to cross-site scripting. See vulnerability details for more information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Aspera Console| 3.4.0 and earlier \nIBM Aspera Shares| 1.9.14 and earlier \n \n\n\n## Remediation/Fixes\n\nFixed in| Version(s) \n---|--- \nIBM Aspera Console| 3.4.2 \nIBM Aspera Shares| 1.9.15 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n14 Sept 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"IBM Aspera Shares, IBM Aspera Console\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"IBM Aspera Shares 1.9.14, IBM Aspera Console 3.4.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-17T18:19:25", "type": "ibm", "title": "Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-09-17T18:19:25", "id": "38673841651CC84F9C5F463EBAA4FCB1CD8DB260C4DB4DE5C5EB13515B8DE043", "href": "https://www.ibm.com/support/pages/node/6490381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:09:10", "description": "## Summary\n\nVulnerabilities discovered in jQuery component affect IBM License Metric Tool v9.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM License Metric Tool| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to version 9.2.20 or later using the following procedure: \n\nIn BigFix console, expand IBM License Reporting (ILMT) node under Sites node in the tree panel. \nClick Fixlets and Tasks node. Fixlets and Tasks panel will be displayed on the right. \nIn the Fixlets and Tasks panel locate Upgrade to the latest version of IBM License Metric Tool 9.x fixlet and run it against the computer that hosts your server.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n29 Jun 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8JFY\",\"label\":\"IBM License Metric Tool\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"9.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-30T08:53:44", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in jQuery affect IBM License Metric Tool v9.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-30T08:53:44", "id": "F1A3DFA7EB79FE51E9EE40DE7EE818B3181F7D6FFEBD16C7E5DC5676556369E6", "href": "https://www.ibm.com/support/pages/node/6242104", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T13:10:12", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nAPI Connect | IBM API Connect V5.0.0.0-5.0.8.8 \nAPI Connect | V2018.4.1.0-2018.4.1.11 \n \n## Remediation/Fixes\n\n## \n\n**Affected Product**\n\n| \n\n**Addressed in VRMF**\n\n| \n\n**APAR**\n\n| \n\n**Remediation / First Fix** \n \n---|---|---|--- \n \nIBM API Connect\n\nV5.0.0.0-5.0.8.8 \n\n\n| 5.0.8.8 iFix2 | LI81522 | Addressed in IBM API Connect V5.0.8.8 iFix released on or after June 8, 2020. \n \nDeveloper Portal is impacted. \n \nFollow this link and find the \"Portal\" package: \n \n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.8&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \nIBM API Connect \n\nV2018.4.1.0-2018.4.1.11\n\n| 2018.4.1.12 | \n\nLI81522\n\n| \n\nAddressed in IBM API Connect V2018.4.1.12.\n\nDeveloper Portal is impacted.\n\nFollow this link and find the \"Portal\" package.\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.11&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n26 June 2020: Updated for v2018.4.1.12 \n11 June 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\n[https://github.ibm.com/apimesh/apic-security-collab/issues/946](<https://github.ibm.com/apimesh/apic-security-collab/issues/946?email_source=notifications&email_token=AAAEXCYVLPBFMC3VOMF6R4DRTQSGDA5CNFSM4AGVFINKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOAE4AW4A>)\n\n# PVR0223140\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSMNED\",\"label\":\"IBM API Connect\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"5.0.0.0-5.0.8.8;2018.4.1.-2018.4.1.11\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-26T19:44:32", "type": "ibm", "title": "Security Bulletin: IBM API Connect is impacted by vulnerabilities in Drupal (CVE-2020-11022 CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-26T19:44:32", "id": "6D4BC30FC7D54719CC8531DD40CAEF904411E8A769D791119C3658B78C353F56", "href": "https://www.ibm.com/support/pages/node/6217392", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T12:42:38", "description": "## Summary\n\nOpenSSL could allow a remote attacker to obtain sensitive information and is vulnerable to a denial of service. These vulnerabilities affect IBM Spectrum Control.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-1967](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSL_check_chain() function during or after a TLS 1.3 handshake, a remote attacker could exploit this vulnerability to cause server or client applications to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-1551](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. By performing a man-in-the-middle attack, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172752](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172752>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Control| 5.3.0 - 5.3.6 \n \n\n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable. \n\n** Release**| **First Fixing** \n**VRM Level**| ** Link to Fix** \n---|---|--- \n5.3| 5.3.7| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n21 May 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evalu

Tenable Log Correlation Engine (LCE) &lt; 6.0.9 (TNS-2021-10)

Description

Related

Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)