Details of VAR-201810-0913

ID

VAR-201810-0913

CVE

CVE-2018-15317

TITLE

plural F5 BIG-IP Cryptographic vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-013266

DESCRIPTION

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted. plural F5 BIG-IP The product contains cryptographic vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. An encryption issue vulnerability exists in the F5 BIG-IP. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. The following versions are affected: F5 BIG-IP versions 14.0.0 to 14.0.0.2, 13.0.0 to 13.1.0.7, 12.1.0 to 12.1.3.5, 11.6.0 to 11.6.3.2, 11.2 .1 in version 11.5.6

Trust: 1.71

sources: NVD: CVE-2018-15317 // JVNDB: JVNDB-2018-013266 // VULHUB: VHN-125564

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	11.5.6	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	13.1.0.7	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	14.0.0.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	12.1.3.5	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	11.6.3.2	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip analytics	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip edge gateway	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip fraud protection service	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip protocol security module	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip webaccelerator	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.1	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	13.1.0	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.6.3	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.6.2	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.0	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	13.0.0	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.2	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	14.0.0	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.3	Trust: 0.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	13.0.1	Trust: 0.6

sources: JVNDB: JVNDB-2018-013266 // CNNVD: CNNVD-201810-1536 // NVD: CVE-2018-15317

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15317
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-15317
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201810-1536
value:	HIGH
Trust: 0.6
VULHUB:	VHN-125564
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-15317
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-125564
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15317
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-125564 // JVNDB: JVNDB-2018-013266 // CNNVD: CNNVD-201810-1536 // NVD: CVE-2018-15317

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-310	Trust: 0.9

sources: VULHUB: VHN-125564 // JVNDB: JVNDB-2018-013266 // NVD: CVE-2018-15317

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-1536

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201810-1536

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013266

PATCH

title:	K43625118	url:	https://support.f5.com/csp/article/K43625118	Trust: 0.8
title:	F5 BIG-IP Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86511	Trust: 0.6

sources: JVNDB: JVNDB-2018-013266 // CNNVD: CNNVD-201810-1536

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15317	Trust: 2.5
db:	JVNDB	id:	JVNDB-2018-013266	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-1536	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1310.5	Trust: 0.6
db:	VULHUB	id:	VHN-125564	Trust: 0.1

sources: VULHUB: VHN-125564 // JVNDB: JVNDB-2018-013266 // CNNVD: CNNVD-201810-1536 // NVD: CVE-2018-15317

REFERENCES

url:	https://support.f5.com/csp/article/k43625118	Trust: 1.7
url:	https://support.f5.com/csp/article/k43625118?utm_source=f5support&amp%3butm_medium=rss	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15317	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15317	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/79166	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.1310.5/	Trust: 0.6
url:	https://support.f5.com/csp/article/k43625118?utm_source=f5support&amp;utm_medium=rss	Trust: 0.1

sources: VULHUB: VHN-125564 // JVNDB: JVNDB-2018-013266 // CNNVD: CNNVD-201810-1536 // NVD: CVE-2018-15317

SOURCES

db:	VULHUB	id:	VHN-125564
db:	JVNDB	id:	JVNDB-2018-013266
db:	CNNVD	id:	CNNVD-201810-1536
db:	NVD	id:	CVE-2018-15317

LAST UPDATE DATE

2024-11-23T23:08:33.974000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-125564	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-013266	date:	2019-02-18T00:00:00
db:	CNNVD	id:	CNNVD-201810-1536	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-15317	date:	2024-11-21T03:50:32.840

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-125564	date:	2018-10-31T00:00:00
db:	JVNDB	id:	JVNDB-2018-013266	date:	2019-02-18T00:00:00
db:	CNNVD	id:	CNNVD-201810-1536	date:	2018-11-01T00:00:00
db:	NVD	id:	CVE-2018-15317	date:	2018-10-31T14:29:00.250