cvelistv5 - cve-2016-8610

CVE-2016-8610 (GCVE-0-2016-8610)

Vulnerability from cvelistv5

Published

2017-11-13 22:00

Modified

2024-08-06 02:27

Severity ?

CWE

CWE-400

Summary

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.

References

URL

Tags

	http://www.securityfocus.com/bid/93841	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2017-1659.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1658	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1801	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0286.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1413	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2494	vendor-advisory, x_refsource_REDHAT
	https://security.FreeBSD.org/advisories/FreeBSD-SA-16:35.openssl.asc	vendor-advisory, x_refsource_FREEBSD
	https://access.redhat.com/errata/RHSA-2017:1414	vendor-advisory, x_refsource_REDHAT
	http://seclists.org/oss-sec/2016/q4/224	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2017-0574.html	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2017/dsa-3773	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2017-1415.html	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1037084	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:1802	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2493	vendor-advisory, x_refsource_REDHAT
	https://www.oracle.com/security-alerts/cpuapr2020.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	x_refsource_MISC
	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20171130-0001/	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8610	x_refsource_CONFIRM
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=af58be768ebb690f78530f796e92b8ae5c9a4401	x_refsource_CONFIRM
	https://security.360.cn/cve/CVE-2016-8610/	x_refsource_MISC
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03897en_us	x_refsource_CONFIRM
	https://security.paloaltonetworks.com/CVE-2016-8610	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	OpenSSL	OpenSSL	Version: All 0.9.8 Version: All 1.0.1 Version: 1.0.2 through 1.0.2h Version: 1.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:40.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93841",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93841"
          },
          {
            "name": "RHSA-2017:1659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-1659.html"
          },
          {
            "name": "RHSA-2017:1658",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1658"
          },
          {
            "name": "RHSA-2017:1801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1801"
          },
          {
            "name": "RHSA-2017:0286",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-0286.html"
          },
          {
            "name": "RHSA-2017:1413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1413"
          },
          {
            "name": "RHSA-2017:2494",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2494"
          },
          {
            "name": "FreeBSD-SA-16:35",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:35.openssl.asc"
          },
          {
            "name": "RHSA-2017:1414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1414"
          },
          {
            "name": "[oss-security] 20161024 CVE-2016-8610: SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2016/q4/224"
          },
          {
            "name": "RHSA-2017:0574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-0574.html"
          },
          {
            "name": "DSA-3773",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-3773"
          },
          {
            "name": "RHSA-2017:1415",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2017-1415.html"
          },
          {
            "name": "1037084",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037084"
          },
          {
            "name": "RHSA-2017:1802",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1802"
          },
          {
            "name": "RHSA-2017:2493",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2493"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20171130-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8610"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=af58be768ebb690f78530f796e92b8ae5c9a4401"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.360.cn/cve/CVE-2016-8610/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03897en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2016-8610"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "All 0.9.8"
            },
            {
              "status": "affected",
              "version": "All 1.0.1"
            },
            {
              "status": "affected",
              "version": "1.0.2 through 1.0.2h"
            },
            {
              "status": "affected",
              "version": "1.1.0"
            }
          ]
        }
      ],
      "datePublic": "2016-10-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:51.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "93841",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93841"
        },
        {
          "name": "RHSA-2017:1659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-1659.html"
        },
        {
          "name": "RHSA-2017:1658",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1658"
        },
        {
          "name": "RHSA-2017:1801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "name": "RHSA-2017:0286",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-0286.html"
        },
        {
          "name": "RHSA-2017:1413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1413"
        },
        {
          "name": "RHSA-2017:2494",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "name": "FreeBSD-SA-16:35",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:35.openssl.asc"
        },
        {
          "name": "RHSA-2017:1414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1414"
        },
        {
          "name": "[oss-security] 20161024 CVE-2016-8610: SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2016/q4/224"
        },
        {
          "name": "RHSA-2017:0574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-0574.html"
        },
        {
          "name": "DSA-3773",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-3773"
        },
        {
          "name": "RHSA-2017:1415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2017-1415.html"
        },
        {
          "name": "1037084",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037084"
        },
        {
          "name": "RHSA-2017:1802",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "name": "RHSA-2017:2493",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20171130-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8610"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=af58be768ebb690f78530f796e92b8ae5c9a4401"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.360.cn/cve/CVE-2016-8610/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03897en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2016-8610"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-8610",
    "datePublished": "2017-11-13T22:00:00.000Z",
    "dateReserved": "2016-10-12T00:00:00.000Z",
    "dateUpdated": "2024-08-06T02:27:40.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2017-AVI-348

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D110
Juniper Networks	N/A	Contrail versions 3.1.x antérieures à 3.1.4.0
Juniper Networks	Junos OS	Junos OS versions 17 antérieures à 17.3R1
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.2R7-S8
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D50
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1R8-S4
Juniper Networks	Junos Space	Junos Space versions 16.1 antérieures à 16.1R3
Juniper Networks	N/A	Contrail versions 3.0.x antérieures à 3.0.3.4
Juniper Networks	N/A	ScreenOS versions 6.3.0 antérieures à 6.3.0r24
Juniper Networks	N/A	Contrail versions 3.2.x antérieures à 3.2.5.0
Juniper Networks	N/A	Contrail versions 2.x antérieures à 2.21.4
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D71
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.2R8
Juniper Networks	Junos Space	Junos Space version 17.1R1 sans le correctif de sécurité Patch-v1
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D55
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1R9

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10810 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10822 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10808 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10818 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10807 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10813 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10814 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10811 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10819 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10816 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10820 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10821 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10809 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10824 du 11 octobre 2017	None	vendor-advisory
Bulletin de sécurité Juniper JSA10817 du 11 octobre 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D110",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contrail versions 3.1.x ant\u00e9rieures \u00e0 3.1.4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17 ant\u00e9rieures \u00e0 17.3R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R7-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1R8-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions 16.1 ant\u00e9rieures \u00e0 16.1R3",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contrail versions 3.0.x ant\u00e9rieures \u00e0 3.0.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS versions 6.3.0 ant\u00e9rieures \u00e0 6.3.0r24",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contrail versions 3.2.x ant\u00e9rieures \u00e0 3.2.5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contrail versions 2.x ant\u00e9rieures \u00e0 2.21.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space version 17.1R1 sans le correctif de s\u00e9curit\u00e9 Patch-v1",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-10614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10614"
    },
    {
      "name": "CVE-2017-10618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10618"
    },
    {
      "name": "CVE-2017-10622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10622"
    },
    {
      "name": "CVE-2017-10620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10620"
    },
    {
      "name": "CVE-2017-10608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10608"
    },
    {
      "name": "CVE-2017-10606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10606"
    },
    {
      "name": "CVE-2017-10616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10616"
    },
    {
      "name": "CVE-2017-10619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10619"
    },
    {
      "name": "CVE-2017-10615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10615"
    },
    {
      "name": "CVE-2017-10610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10610"
    },
    {
      "name": "CVE-2017-10611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10611"
    },
    {
      "name": "CVE-2016-8610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
    },
    {
      "name": "CVE-2017-10621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10621"
    },
    {
      "name": "CVE-2017-10617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10617"
    },
    {
      "name": "CVE-2016-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5195"
    },
    {
      "name": "CVE-2017-10613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10613"
    },
    {
      "name": "CVE-2017-10607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10607"
    }
  ],
  "initial_release_date": "2017-10-12T00:00:00",
  "last_revision_date": "2017-10-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-348",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-10-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10810 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10810\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10822 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10822\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10808 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10808\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10818 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10818\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10807 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10807\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10813 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10813\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10814 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10814\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10811 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10811\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10819 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10819\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10816 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10816\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10820 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10820\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10821 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10821\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10809 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10809\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10824 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10824\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10817 du 11 octobre 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10817\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2018-AVI-539

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM Case Manager versions 5.3.x antérieures à 5.3.3.0-ICM-IF003
IBM	N/A	IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V versions 8.1.x antérieures à 8.1.6.1
IBM	N/A	IBM MQ versions V8, V9 LTS, V9 CD, V9.1 LTS
IBM	N/A	IBM Contact Optimization versions 9.1.0.x antérieures à 9.1.0.12
IBM	N/A	IBM Connections 5.0 versions antérieures à 5.0 CR4 et sans le correctif temporaire APAR LO94099
IBM	N/A	IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware versions 7.1.x antérieures à 7.1.8.4
IBM	N/A	IBM Case Manager versions antérieures à 5.2.0.4-ICM-IF003
IBM	N/A	IBM Spectrum Protect (formerly Tivoli Storage Manager) Client versions 7.1.x antérieures à 7.1.8.3
IBM	N/A	IBM Case Manager versions 5.2.1.x antérieures à 5.2.1.7-ICM-IF004
IBM	N/A	IBM Spectrum Protect (formerly Tivoli Storage Manager) Client versions 8.1.x antérieures à 8.1.6.1
IBM	VIOS	VIOS versions 2.2.x
IBM	N/A	IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware versions 8.1.x antérieures à 8.1.6.1
IBM	N/A	IBM Connections 5.5 versions antérieures à 5.5 CR3 et sans le correctif temporaire APAR LO94099
IBM	AIX	AIX versions 5.3, 6.1, 7.1 et 7.2
IBM	N/A	IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage for Virtual Environments): Data Protection for Hyper-V versions 7.1.x antérieures à 7.1.8.4
IBM	WebSphere	IBM WebSphere versions 9.0, 8.5, 8.0 et 7.0
IBM	N/A	IBM Connections 6.0 versions antérieures à 6.0 CR3 et sans le correctif temporaire APAR LO94099
IBM	N/A	IBM Contact Optimization versions 9.1.2.x antérieures à 9.1.2.5

References

Title

Publication Time

Tags

Bulletin de sécurité IBM ibm10730703 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10739387 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10737709 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10737897 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10738765 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10738677 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10734447 du 10 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10737761 du 09 novembre 2018	None	vendor-advisory
Bulletin de sécurité IBM ibm10739391 du 09 novembre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Case Manager versions 5.3.x ant\u00e9rieures \u00e0 5.3.3.0-ICM-IF003",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V versions 8.1.x ant\u00e9rieures \u00e0 8.1.6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM MQ versions V8, V9 LTS, V9 CD, V9.1 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Contact Optimization versions 9.1.0.x ant\u00e9rieures \u00e0 9.1.0.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Connections 5.0 versions ant\u00e9rieures \u00e0 5.0 CR4 et sans le correctif temporaire APAR LO94099",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware versions 7.1.x ant\u00e9rieures \u00e0 7.1.8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Case Manager versions ant\u00e9rieures \u00e0 5.2.0.4-ICM-IF003",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect (formerly Tivoli Storage Manager) Client versions 7.1.x ant\u00e9rieures \u00e0 7.1.8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Case Manager versions 5.2.1.x ant\u00e9rieures \u00e0 5.2.1.7-ICM-IF004",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect (formerly Tivoli Storage Manager) Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS versions 2.2.x",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware versions 8.1.x ant\u00e9rieures \u00e0 8.1.6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Connections 5.5 versions ant\u00e9rieures \u00e0 5.5 CR3 et sans le correctif temporaire APAR LO94099",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX versions 5.3, 6.1, 7.1 et 7.2",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage for Virtual Environments): Data Protection for Hyper-V versions 7.1.x ant\u00e9rieures \u00e0 7.1.8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere versions 9.0, 8.5, 8.0 et 7.0",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Connections 6.0 versions ant\u00e9rieures \u00e0 6.0 CR3 et sans le correctif temporaire APAR LO94099",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Contact Optimization versions 9.1.2.x ant\u00e9rieures \u00e0 9.1.2.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-3009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3009"
    },
    {
      "name": "CVE-2018-3092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3092"
    },
    {
      "name": "CVE-2018-2768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2768"
    },
    {
      "name": "CVE-2018-1656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1656"
    },
    {
      "name": "CVE-2018-3094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3094"
    },
    {
      "name": "CVE-2018-6922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6922"
    },
    {
      "name": "CVE-2018-3104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3104"
    },
    {
      "name": "CVE-2018-3103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3103"
    },
    {
      "name": "CVE-2018-3099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3099"
    },
    {
      "name": "CVE-2018-3098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3098"
    },
    {
      "name": "CVE-2018-2801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2801"
    },
    {
      "name": "CVE-2018-1553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1553"
    },
    {
      "name": "CVE-2018-3010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3010"
    },
    {
      "name": "CVE-2018-1884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1884"
    },
    {
      "name": "CVE-2018-3096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3096"
    },
    {
      "name": "CVE-2018-2992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2992"
    },
    {
      "name": "CVE-2018-3093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3093"
    },
    {
      "name": "CVE-2018-3097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3097"
    },
    {
      "name": "CVE-2016-8610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
    },
    {
      "name": "CVE-2018-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1792"
    },
    {
      "name": "CVE-2018-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-2806"
    },
    {
      "name": "CVE-2018-3095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3095"
    },
    {
      "name": "CVE-2018-3102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3102"
    },
    {
      "name": "CVE-2018-1798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1798"
    },
    {
      "name": "CVE-2018-12539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12539"
    },
    {
      "name": "CVE-2018-1786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1786"
    }
  ],
  "initial_release_date": "2018-11-12T00:00:00",
  "last_revision_date": "2018-11-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-539",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10730703 du 09 novembre 2018",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ibm10730703"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10739387 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10739387"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10737709 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10737709"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10737897 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10737897"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10738765 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10738765"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10738677 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10738677"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10734447 du 10 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10734447"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10737761 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10737761"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10739391 du 09 novembre 2018",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10739391"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-8610 (GCVE-0-2016-8610)

Vulnerability from cvelistv5

CERTFR-2017-AVI-348

Vulnerability from certfr_avis

Solution

CERTFR-2018-AVI-539

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature