ID

VAR-201902-0192


CVE

CVE-2019-1559


TITLE

OpenSSLĀ  Information Disclosure Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-002098

DESCRIPTION

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). OpenSSL Contains an information disclosure vulnerability.Information may be obtained. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. A vulnerability in OpenSSL could allow an unauthenticated, remote malicious user to access sensitive information on a targeted system. An attacker who is able to perform man-in-the-middle attacks could exploit the vulnerability by persuading a user to access a link that submits malicious input to the affected software. A successful exploit could allow the malicious user to intercept and modify the browser requests and then observe the server behavior in order to conduct a padding oracle attack and decrypt sensitive information. ========================================================================== Ubuntu Security Notice USN-4376-2 July 09, 2020 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Cesar Pereida Garc\xeda, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. A remote attacker could possibly use this issue to decrypt data. (CVE-2019-1559) Bernd Edlinger discovered that OpenSSL incorrectly handled certain decryption functions. (CVE-2019-1563) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libssl1.0.0 1.0.1f-1ubuntu2.27+esm1 Ubuntu 12.04 ESM: libssl1.0.0 1.0.1-4ubuntu5.44 After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201903-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: March 14, 2019 Bugs: #673056, #678564 ID: 201903-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple Information Disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.2r >= 1.0.2r Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. A local attacker could run a malicious process next to legitimate processes using the architectureas parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2r" References ========== [ 1 ] CVE-2018-5407 https://nvd.nist.gov/vuln/detail/CVE-2018-5407 [ 2 ] CVE-2019-1559 https://nvd.nist.gov/vuln/detail/CVE-2019-1559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201903-10 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . 6) - i386, x86_64 3. Description: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security and bug fix update Advisory ID: RHSA-2019:2304-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2304 Issue date: 2019-08-06 CVE Names: CVE-2018-0734 CVE-2019-1559 ==================================================================== 1. Summary: An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: 0-byte record padding oracle (CVE-2019-1559) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1644364 - CVE-2018-0734 openssl: timing side channel attack in the DSA signature algorithm 1649568 - openssl: microarchitectural and timing side channel padding oracle attack against RSA 1683804 - CVE-2019-1559 openssl: 0-byte record padding oracle 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm ppc64: openssl-1.0.2k-19.el7.ppc64.rpm openssl-debuginfo-1.0.2k-19.el7.ppc.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64.rpm openssl-devel-1.0.2k-19.el7.ppc.rpm openssl-devel-1.0.2k-19.el7.ppc64.rpm openssl-libs-1.0.2k-19.el7.ppc.rpm openssl-libs-1.0.2k-19.el7.ppc64.rpm ppc64le: openssl-1.0.2k-19.el7.ppc64le.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64le.rpm openssl-devel-1.0.2k-19.el7.ppc64le.rpm openssl-libs-1.0.2k-19.el7.ppc64le.rpm s390x: openssl-1.0.2k-19.el7.s390x.rpm openssl-debuginfo-1.0.2k-19.el7.s390.rpm openssl-debuginfo-1.0.2k-19.el7.s390x.rpm openssl-devel-1.0.2k-19.el7.s390.rpm openssl-devel-1.0.2k-19.el7.s390x.rpm openssl-libs-1.0.2k-19.el7.s390.rpm openssl-libs-1.0.2k-19.el7.s390x.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: openssl-debuginfo-1.0.2k-19.el7.ppc.rpm openssl-debuginfo-1.0.2k-19.el7.ppc64.rpm openssl-perl-1.0.2k-19.el7.ppc64.rpm openssl-static-1.0.2k-19.el7.ppc.rpm openssl-static-1.0.2k-19.el7.ppc64.rpm ppc64le: openssl-debuginfo-1.0.2k-19.el7.ppc64le.rpm openssl-perl-1.0.2k-19.el7.ppc64le.rpm openssl-static-1.0.2k-19.el7.ppc64le.rpm s390x: openssl-debuginfo-1.0.2k-19.el7.s390.rpm openssl-debuginfo-1.0.2k-19.el7.s390x.rpm openssl-perl-1.0.2k-19.el7.s390x.rpm openssl-static-1.0.2k-19.el7.s390.rpm openssl-static-1.0.2k-19.el7.s390x.rpm x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.2k-19.el7.src.rpm x86_64: openssl-1.0.2k-19.el7.x86_64.rpm openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-devel-1.0.2k-19.el7.i686.rpm openssl-devel-1.0.2k-19.el7.x86_64.rpm openssl-libs-1.0.2k-19.el7.i686.rpm openssl-libs-1.0.2k-19.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.2k-19.el7.i686.rpm openssl-debuginfo-1.0.2k-19.el7.x86_64.rpm openssl-perl-1.0.2k-19.el7.x86_64.rpm openssl-static-1.0.2k-19.el7.i686.rpm openssl-static-1.0.2k-19.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-0734 https://access.redhat.com/security/cve/CVE-2019-1559 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl3otzjgjWX9erEAQgZQQ//XNcjRJGLVmjAzbVGiwxEqfFUvDVNiu97 fW0vLXuV9TnQTveOVqOAWmmMv2iShkVIRPDvzlOfUsYrrDEYHKr0N38R/fhDEZsM WQrJh54WK9IjEGNevLTCePKMhVuII1WnHrLDwZ6hxYGdcap/sJrf+N428b5LvHbM B39vWl3vqJYXoiI5dmIYL8ko2SfLms5Cg+dR0hLrNohf9gK2La+jhWb/j2xw6X6q /LXw5+hi/G+USbnNFfjt9G0fNjMMZRX2bukUvY6UWJRYTOXpIUOFqqp5w9zgM7tZ uX7TMTC9xe6te4mBCAFDdt+kYYLYSHfSkFlFq+S7V0MY8DmnIzqBJE4lJIDTVp9F JbrMIPs9G5jdnzPUKZw/gH9WLgka8Q8AYI+KA2xSxFX9VZ20Z+EDDC9/4uwj3i0A gLeIB68OwD70jn4sjuQqizr7TCviQhTUoKVd/mTBAxSEFZLcE8Sy/BEYxLPm81z0 veL16l6pmfg9uLac4V576ImfYNWlBEnJspA5E9K5CqQRPuZpCQFov7/D17Qm8v/x IcVKUaXiGquBwzHmIsD5lTCpl7CrGoU1PfNJ6Y/4xrVFOh1DLA4y6nnfysyO9eZx zBfuYS2VmfIq/tp1CjagI/DmJC4ezXeE4Phq9jm0EBASXtnLzVmc5j7kkqWjCcfm BtpJTAdr1kE=7kKR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz: Upgraded. Go into the error state if a fatal alert is sent or received. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559 (* Security fix *) patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz: Upgraded. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2r-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz MD5 signatures: +-------------+ Slackware 14.2 packages: b23a71963648d515630497f203eefab8 openssl-1.0.2r-i586-1_slack14.2.txz 8b04a9be9b78052791f02428be44a639 openssl-solibs-1.0.2r-i586-1_slack14.2.txz Slackware x86_64 14.2 packages: c183c2ad507a65020f13c0dc154c0b11 openssl-1.0.2r-x86_64-1_slack14.2.txz d656915855edd6365636ac558b8180cb openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.2r-i586-1_slack14.2.txz openssl-solibs-1.0.2r-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. This issue was discovered by Juraj Somorovsky, Robert Merget and Nimrod Aviram, with additional investigation by Steven Collison and Andrew Hourselt. It was reported to OpenSSL on 10th December 2018. Note: Advisory updated to make it clearer that AEAD ciphersuites are not impacted. Note ==== OpenSSL 1.0.2 and 1.1.0 are currently only receiving security updates. Support for 1.0.2 will end on 31st December 2019. Support for 1.1.0 will end on 11th September 2019. Users of these versions should upgrade to OpenSSL 1.1.1. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20190226.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html

Trust: 2.79

sources: NVD: CVE-2019-1559 // JVNDB: JVNDB-2019-002098 // BID: 107174 // VULHUB: VHN-147651 // VULMON: CVE-2019-1559 // PACKETSTORM: 158377 // PACKETSTORM: 152084 // PACKETSTORM: 155413 // PACKETSTORM: 154042 // PACKETSTORM: 155415 // PACKETSTORM: 153932 // PACKETSTORM: 151886 // PACKETSTORM: 169635

AFFECTED PRODUCTS

vendor:oraclemodel:services tools bundlescope:eqversion:19.2

Trust: 1.3

vendor:oraclemodel:secure global desktopscope:eqversion:5.4

Trust: 1.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.57

Trust: 1.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.56

Trust: 1.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.55

Trust: 1.3

vendor:oraclemodel:jd edwards enterpriseone toolsscope:eqversion:9.2

Trust: 1.3

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.3.3

Trust: 1.3

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.3.0.0.0

Trust: 1.3

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.2.0.0.0

Trust: 1.3

vendor:oraclemodel:enterprise manager base platformscope:eqversion:12.1.0.5.0

Trust: 1.3

vendor:oraclemodel:endeca serverscope:eqversion:7.7.0

Trust: 1.3

vendor:f5model:big-ip global traffic managerscope:lteversion:14.1.2

Trust: 1.0

vendor:oraclemodel:communications session border controllerscope:eqversion:8.0.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:lteversion:14.1.2

Trust: 1.0

vendor:netappmodel:a320scope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:14.0.0

Trust: 1.0

vendor:oraclemodel:jd edwards world securityscope:eqversion:a9.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:15.1.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:eqversion:8.2

Trust: 1.0

vendor:netappmodel:service processorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:13.1.3

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:eqversion:8.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:14.1.2

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:15.0.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:6.17.0

Trust: 1.0

vendor:netappmodel:snapprotectscope:eqversion: -

Trust: 1.0

vendor:mcafeemodel:data exchange layerscope:ltversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:13.1.3

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:8.15.1

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:eqversion:8.1

Trust: 1.0

vendor:netappmodel:clustered data ontap antivirus connectorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:12.1.5

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.0.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:communications session routerscope:eqversion:8.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:15.1.0

Trust: 1.0

vendor:netappmodel:fas2720scope:eqversion: -

Trust: 1.0

vendor:oraclemodel:mysqlscope:gteversion:5.7.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:15.1.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:eqversion:8.4

Trust: 1.0

vendor:tenablemodel:nessusscope:lteversion:8.2.3

Trust: 1.0

vendor:netappmodel:oncommand unified manager core packagescope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:15.0.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:12.1.5

Trust: 1.0

vendor:oraclemodel:communications session routerscope:eqversion:8.1

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:lteversion:8.0.14

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:mcafeemodel:data exchange layerscope:gteversion:4.0.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:15.1.0

Trust: 1.0

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.4.0

Trust: 1.0

vendor:f5model:traffix signaling delivery controllerscope:eqversion:4.4.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:13.1.3

Trust: 1.0

vendor:redhatmodel:jboss enterprise web serverscope:eqversion:5.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:12.1.5

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:netappmodel:oncommand insightscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:communications unified session managerscope:eqversion:8.2.5

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:gteversion:8.0.0

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:12.1.5

Trust: 1.0

vendor:netappmodel:a800scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:13.0.0

Trust: 1.0

vendor:oraclemodel:mysqlscope:lteversion:5.7.25

Trust: 1.0

vendor:netappmodel:smi-s providerscope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:redhatmodel:virtualization hostscope:eqversion:4.0

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.0.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:12.1.5

Trust: 1.0

vendor:netappmodel:snapdrivescope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:13.1.3

Trust: 1.0

vendor:oraclemodel:mysql workbenchscope:lteversion:8.0.16

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:1.0.2r

Trust: 1.0

vendor:netappmodel:altavaultscope:eqversion: -

Trust: 1.0

vendor:mcafeemodel:threat intelligence exchange serverscope:gteversion:2.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:13.1.3

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:12.1.0

Trust: 1.0

vendor:oraclemodel:mysqlscope:lteversion:8.0.15

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:gteversion:9.0.0

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:ltversion:8.0.20

Trust: 1.0

vendor:oraclemodel:communications session border controllerscope:eqversion:8.3

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:lteversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:13.0.0

Trust: 1.0

vendor:netappmodel:ontap select deployscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:13.1.3

Trust: 1.0

vendor:mcafeemodel:agentscope:gteversion:5.6.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-iq centralized managementscope:gteversion:7.0.0

Trust: 1.0

vendor:oraclemodel:api gatewayscope:eqversion:11.1.2.4.0

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:ltversion:9.0.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:12.1.5

Trust: 1.0

vendor:netappmodel:fas2750scope:eqversion: -

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:8.9.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:13.1.3

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:gteversion:9.5

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:13.0.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:eqversion:8.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:13.0.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:8.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:14.1.2

Trust: 1.0

vendor:mcafeemodel:web gatewayscope:gteversion:7.0.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:lteversion:8.8.1

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:gteversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:netappmodel:snapcenterscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:13.1.3

Trust: 1.0

vendor:f5model:big-iq centralized managementscope:lteversion:6.1.0

Trust: 1.0

vendor:oraclemodel:business intelligencescope:eqversion:11.1.1.9.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:12.1.0

Trust: 1.0

vendor:netappmodel:oncommand workflow automationscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.0.0

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:lteversion:4.0.8

Trust: 1.0

vendor:netappmodel:storagegridscope:gteversion:9.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:15.0.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:42.3

Trust: 1.0

vendor:netappmodel:c190scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:14.1.2

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:31

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:lteversion:12.1.5

Trust: 1.0

vendor:oraclemodel:communications session border controllerscope:eqversion:8.1.0

Trust: 1.0

vendor:oraclemodel:communications session routerscope:eqversion:8.3

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:6.9.0

Trust: 1.0

vendor:netappmodel:oncommand unified managerscope:eqversion: -

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:gteversion:7.1.0

Trust: 1.0

vendor:netappmodel:a220scope:eqversion: -

Trust: 1.0

vendor:oraclemodel:business intelligencescope:eqversion:12.2.1.3.0

Trust: 1.0

vendor:oraclemodel:communications session border controllerscope:eqversion:7.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:15.1.0

Trust: 1.0

vendor:oraclemodel:communications performance intelligence centerscope:eqversion:10.4.0.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:12.1.5

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:ltversion:7.1.15

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.0.0

Trust: 1.0

vendor:oraclemodel:mysqlscope:lteversion:5.6.43

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:12.1.0

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:ltversion:8.1.8

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:15.0.0

Trust: 1.0

vendor:netappmodel:hci compute nodescope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:f5model:big-iq centralized managementscope:lteversion:7.1.0

Trust: 1.0

vendor:netappmodel:hyper converged infrastructurescope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:15.0.0

Trust: 1.0

vendor:oraclemodel:communications session border controllerscope:eqversion:8.2

Trust: 1.0

vendor:oraclemodel:jd edwards world securityscope:eqversion:a9.3

Trust: 1.0

vendor:netappmodel:storage automation storescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:virtualizationscope:eqversion:4.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:15.1.0

Trust: 1.0

vendor:mcafeemodel:threat intelligence exchange serverscope:ltversion:3.0.0

Trust: 1.0

vendor:netappmodel:storagegridscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:13.0.0

Trust: 1.0

vendor:oraclemodel:communications session routerscope:eqversion:8.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:12.1.5

Trust: 1.0

vendor:f5model:traffix signaling delivery controllerscope:lteversion:5.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:12.1.0

Trust: 1.0

vendor:oraclemodel:communications unified session managerscope:eqversion:7.3.5

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:15.1.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:29

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:traffix signaling delivery controllerscope:gteversion:5.0.0

Trust: 1.0

vendor:netappmodel:cn1610scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:14.1.2

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:oraclemodel:communications session routerscope:eqversion:7.4

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:gteversion:8.1.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:lteversion:6.8.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:13.1.3

Trust: 1.0

vendor:netappmodel:santricity smi-s providerscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:12.1.0

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:13.0.0

Trust: 1.0

vendor:mcafeemodel:agentscope:lteversion:5.6.4

Trust: 1.0

vendor:oraclemodel:business intelligencescope:eqversion:12.2.1.4.0

Trust: 1.0

vendor:oraclemodel:mysqlscope:gteversion:8.0.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:15.0.0

Trust: 1.0

vendor:netappmodel:ontap select deploy administration utilityscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:13.0.0

Trust: 1.0

vendor:netappmodel:element softwarescope:eqversion: -

Trust: 1.0

vendor:f5model:big-iq centralized managementscope:gteversion:6.0.0

Trust: 1.0

vendor:mcafeemodel:web gatewayscope:ltversion:9.0.0

Trust: 1.0

vendor:oraclemodel:jd edwards world securityscope:eqversion:a9.3.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:13.1.3

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.10

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:15.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:14.1.2

Trust: 1.0

vendor:oraclemodel:mysqlscope:gteversion:5.6.0

Trust: 1.0

vendor:netappmodel:storagegridscope:lteversion:9.0.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:13.0.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:paloaltonetworksmodel:pan-osscope:gteversion:8.0.0

Trust: 1.0

vendor:ę—„ē«‹model:jp1/snmp system observerscope: - version: -

Trust: 0.8

vendor:netappmodel:steelstore cloud integrated storagescope: - version: -

Trust: 0.8

vendor:netappmodel:oncommand workflow automationscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/operations analyticsscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:job management system partern 1/automatic job management system 3scope: - version: -

Trust: 0.8

vendor:netappmodel:storagegrid webscalescope: - version: -

Trust: 0.8

vendor:tenablemodel:nessusscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:opensusemodel:leapscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/automatic job management system 3scope: - version: -

Trust: 0.8

vendor:f5model:traffix sdcscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/data highwayscope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:ucosminexus primary serverscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:ucosminexus developerscope: - version: -

Trust: 0.8

vendor:canonicalmodel:ubuntuscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:ucosminexus service platformscope: - version: -

Trust: 0.8

vendor:netappmodel:santricity smi-s providerscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:netappmodel:ontap select deploy administration utilityscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/it desktop management 2scope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/performance managementscope: - version: -

Trust: 0.8

vendor:netappmodel:ontap select deployscope: - version: -

Trust: 0.8

vendor:netappmodel:snapdrivescope: - version: -

Trust: 0.8

vendor:netappmodel:oncommand unified managerscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:jp1/automatic operationscope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:cosminexus http serverscope: - version: -

Trust: 0.8

vendor:netappmodel:hyper converged infrastructurescope: - version: -

Trust: 0.8

vendor:netappmodel:element softwarescope: - version: -

Trust: 0.8

vendor:ę—„ē«‹model:ucosminexus application serverscope: - version: -

Trust: 0.8

vendor:oraclemodel:solarisscope:eqversion:11.4

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.3

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:8.0.16

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:8.0.13

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:8.0.11

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.3.10

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.3.8

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.5

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.4

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:8.0.15

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:8.0.14

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:8.0.13

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:8.0.12

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:8.0.11

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.25

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.24

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.23

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.22

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.21

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.20

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.19

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.18

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.17

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.16

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.15

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.12

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.43

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.42

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.41

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.40

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.39

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.38

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.37

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.36

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.35

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.34

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.33

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.30

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.29

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.28

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.27

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.26

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.23

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.22

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.21

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.25

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.24

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.20

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.16

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.15

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:8.0.15

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:8.0.13

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:8.0.12

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:8.0.11

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:5.3.12

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:5.3.10

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:5.3.9

Trust: 0.3

vendor:oraclemodel:mysql connectorsscope:eqversion:5.3.7

Trust: 0.3

vendor:oraclemodel:jd edwards world security a9.4scope: - version: -

Trust: 0.3

vendor:oraclemodel:jd edwards world security a9.3.1scope: - version: -

Trust: 0.3

vendor:oraclemodel:jd edwards world security a9.3scope: - version: -

Trust: 0.3

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.4

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:1.0.2

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2qscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2pscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2oscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2nscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2mscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2lscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2kscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2jscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2iscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2hscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2gscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2fscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2escope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2dscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2cscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2bscope: - version: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2ascope: - version: -

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2rscope:neversion: -

Trust: 0.3

sources: BID: 107174 // JVNDB: JVNDB-2019-002098 // NVD: CVE-2019-1559

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1559
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1559
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201902-956
value: MEDIUM

Trust: 0.6

VULHUB: VHN-147651
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-1559
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1559
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-147651
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1559
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-1559
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-147651 // VULMON: CVE-2019-1559 // JVNDB: JVNDB-2019-002098 // CNNVD: CNNVD-201902-956 // NVD: CVE-2019-1559

PROBLEMTYPE DATA

problemtype:CWE-203

Trust: 1.1

problemtype:information leak (CWE-200) [NVD Evaluation ]

Trust: 0.8

problemtype:CWE-200

Trust: 0.1

sources: VULHUB: VHN-147651 // JVNDB: JVNDB-2019-002098 // NVD: CVE-2019-1559

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 169635 // CNNVD: CNNVD-201902-956

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201902-956

PATCH

title:hitachi-sec-2019-132 Software product security informationurl:https://usn.ubuntu.com/3899-1/

Trust: 0.8

title:OpenSSL Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89673

Trust: 0.6

title:Red Hat: Moderate: openssl security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192304 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: openssl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192471 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: openssl, openssl1.0 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3899-1

Trust: 0.1

title:Debian Security Advisories: DSA-4400-1 openssl1.0 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=675a6469b3fad3c9a56addc922ae8d9d

Trust: 0.1

title:Red Hat: Moderate: rhvm-appliance security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192439 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat JBoss Web Server 5.2 security releaseurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193929 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat JBoss Web Server 5.2 security releaseurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193931 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat Virtualization security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192437 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2019-1559url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2019-1559

Trust: 0.1

title:Arch Linux Advisories: [ASA-201903-2] openssl-1.0: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201903-2

Trust: 0.1

title:Arch Linux Advisories: [ASA-201903-6] lib32-openssl-1.0: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201903-6

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-1559

Trust: 0.1

title:Amazon Linux AMI: ALAS-2019-1188url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1188

Trust: 0.1

title:Amazon Linux 2: ALAS2-2019-1362url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1362

Trust: 0.1

title:Amazon Linux 2: ALAS2-2019-1188url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1188

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=884ffe1be805ead0a804f06f7c14072c

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1092f7b64100b0110232688947fb97ed

Trust: 0.1

title:IBM: IBM Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=6b4ff04f16b62df96980d37251dc9ae0

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=7856a174f729c96cf2ba970cfef5f604

Trust: 0.1

title:IBM: IBM Security Bulletin: OpenSSL vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=04a72ac59f1cc3a5b02c155d941c5cfd

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM DataPower Gateway is affected by a padding oracle vulnerability (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=9c55c211aa2410823d4d568143afa117

Trust: 0.1

title:IBM: Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c233af3070d7248dcbafadb6b367e2a1

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM QRadar Network Security is affected by openssl vulnerabilities (CVE-2019-1559, CVE-2018-0734)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=7ceb7cf440b088f91358d1c597d5a414

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Rational ClearCase (CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c0b11f80d1ecd798a97f3bda2b68f830

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability CVE-2019-1559 in OpenSSL affects IBM iurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=12860155d0bf31ea6e2e3ffcef7ea7e0

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability in OpenSSL affects AIX (CVE-2019-1559) Security Bulletinurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=2709308a62e1e2fafc2e4989ef440aa3

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundationurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1b873a45dce8bb56ff011908a9402b67

Trust: 0.1

title:IBM: IBM Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVEā€™s (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=aae1f2192c5cf9375ed61f7a27d08f64

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2019-5739 CVE-2019-5737 CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=8b00742d4b57e0eaab4fd3f9a2125634

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerabilities in OpenSSL affect GCM16 & GCM32 and LCM8 & LCM16 KVM Switch Firmware (CVE-2018-0732 CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ca67e77b9edd2ad304d2f2da1853223f

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerabilities in GNU OpenSSL (1.0.2 series) affect IBM Netezza Analyticsurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=ac5ccbde4e4ddbcabd10cacf82487a11

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabities in SSL in IBM DataPower Gatewayurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=5fc1433ca504461e3bbb1d30e408592c

Trust: 0.1

title:Hitachi Security Advisories: Vulnerability in Cosminexus HTTP Serverurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2019-112

Trust: 0.1

title:Hitachi Security Advisories: Vulnerability in JP1url:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2019-132

Trust: 0.1

title:IBM: IBM Security Bulletin: Security vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2018-0734, CVE-2018-5407 and CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e59d7f075c856823d6f7370dea35e662

Trust: 0.1

title:Debian CVElist Bug Report Logs: mysql-5.7: Security fixes from the April 2019 CPUurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5f1bd0287d0770973261ab8500c6982b

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability in Node.js affects IBM Integration Bus & IBM App Connect Enterprise V11url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1a7cb34592ef045ece1d2b32c150f2a2

Trust: 0.1

title:IBM: IBM Security Bulletin: Secure Gateway is affected by multiple vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=28830011b173eee360fbb2a55c68c9d3

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities affect IBMĀ® SDK for Node.jsā„¢ in IBM Cloudurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=8db7a9036f52f1664d12ac73d7a3506f

Trust: 0.1

title:IBM: IBM Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=6b74f45222d8029af7ffef49314f6056

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2019url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=4ee609eeae78bbbd0d0c827f33a7f87f

Trust: 0.1

title:Tenable Security Advisories: [R1] Nessus Agent 7.4.0 Fixes One Third-party Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2019-03

Trust: 0.1

title:Forcepoint Security Advisories: CVE-2018-0734 and CVE-2019-1559 (OpenSSL)url:https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=b508c983da563a8786bf80c360afb887

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in JP1/Automatic Job Management System 3 - Web Operation Assistanturl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2021-121

Trust: 0.1

title:Palo Alto Networks Security Advisory: url:https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory&qid=217c2f4028735d91500e325e8ba1cbba

Trust: 0.1

title:Palo Alto Networks Security Advisory: CVE-2019-1559 OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OSurl:https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory&qid=a16107c1f899993837417057168db200

Trust: 0.1

title:IBM: IBM Security Bulletin:IBM Security Identity Adapters has released a fix in response to the OpenSSL vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=00b8bc7d11e5484e8721f3f62ec2ce87

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabilities have been identified in OpenSSL and the Kernel shipped with the DS8000 Hardware Management Console (HMC)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=423d1da688755122eb2591196e4cc160

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple vulnerabilities affect IBM Watson Assistant for IBM Cloud Pak for Dataurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1e6142e07a3e9637110bdfa17e331459

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Vulnerabilities in Watson Openscale (Liberty, Java, node.js)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=a47e10150b300f15d2fd55b9cdaed12d

Trust: 0.1

title:Tenable Security Advisories: [R1] Nessus 8.3.0 Fixes Multiple Third-party Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2019-02

Trust: 0.1

title:IBM: IBM Security Bulletin: BigFix Platform 9.5.x / 9.2.x affected by multiple vulnerabilities (CVE-2018-16839, CVE-2018-16842, CVE-2018-16840, CVE-2019-3823, CVE-2019-3822, CVE-2018-16890, CVE-2019-4011, CVE-2018-2005, CVE-2019-4058, CVE-2019-1559)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=0b05dc856c1be71db871bcea94f6fa8d

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been addressed in IBM Security Access Manager Applianceurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=800337bc69aa7ad92ac88a2adcc7d426

Trust: 0.1

title:IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches ā€“ Releases 1801-w and 1801-yurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=bf3f2299a8658b7cd3984c40e7060666

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2019-1559

Trust: 0.1

title:Centos-6-openssl-1.0.1e-58.pd1trfirurl:https://github.com/daTourist/Centos-6-openssl-1.0.1e-58.pd1trfir

Trust: 0.1

title: - url:https://github.com/tls-attacker/TLS-Padding-Oracles

Trust: 0.1

title:TLS-Padding-Oraclesurl:https://github.com/RUB-NDS/TLS-Padding-Oracles

Trust: 0.1

title:vygerurl:https://github.com/mrodden/vyger

Trust: 0.1

title: - url:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2019-1559 // JVNDB: JVNDB-2019-002098 // CNNVD: CNNVD-201902-956

EXTERNAL IDS

db:NVDid:CVE-2019-1559

Trust: 3.7

db:BIDid:107174

Trust: 2.1

db:TENABLEid:TNS-2019-03

Trust: 1.8

db:TENABLEid:TNS-2019-02

Trust: 1.8

db:MCAFEEid:SB10282

Trust: 1.8

db:PULSESECUREid:SA44019

Trust: 0.9

db:PACKETSTORMid:151886

Trust: 0.8

db:JVNDBid:JVNDB-2019-002098

Trust: 0.8

db:CNNVDid:CNNVD-201902-956

Trust: 0.7

db:PACKETSTORMid:158377

Trust: 0.7

db:PACKETSTORMid:155415

Trust: 0.7

db:AUSCERTid:ESB-2019.4479.2

Trust: 0.6

db:AUSCERTid:ESB-2020.3729

Trust: 0.6

db:AUSCERTid:ESB-2020.0102

Trust: 0.6

db:AUSCERTid:ESB-2020.2383

Trust: 0.6

db:AUSCERTid:ESB-2020.3462

Trust: 0.6

db:AUSCERTid:ESB-2020.0487

Trust: 0.6

db:AUSCERTid:ESB-2021.4083

Trust: 0.6

db:AUSCERTid:ESB-2019.0620

Trust: 0.6

db:AUSCERTid:ESB-2019.0751.2

Trust: 0.6

db:AUSCERTid:ESB-2019.4558

Trust: 0.6

db:AUSCERTid:ESB-2022.0696

Trust: 0.6

db:AUSCERTid:ESB-2020.0192

Trust: 0.6

db:AUSCERTid:ESB-2019.4479

Trust: 0.6

db:AUSCERTid:ESB-2020.0032

Trust: 0.6

db:AUSCERTid:ESB-2020.4255

Trust: 0.6

db:AUSCERTid:ESB-2019.4297

Trust: 0.6

db:AUSCERTid:ESB-2019.0666

Trust: 0.6

db:AUSCERTid:ESB-2019.4405

Trust: 0.6

db:AUSCERTid:ESB-2019.3390.4

Trust: 0.6

db:PACKETSTORMid:154042

Trust: 0.2

db:PACKETSTORMid:151885

Trust: 0.1

db:PACKETSTORMid:151918

Trust: 0.1

db:VULHUBid:VHN-147651

Trust: 0.1

db:VULMONid:CVE-2019-1559

Trust: 0.1

db:PACKETSTORMid:152084

Trust: 0.1

db:PACKETSTORMid:155413

Trust: 0.1

db:PACKETSTORMid:153932

Trust: 0.1

db:PACKETSTORMid:169635

Trust: 0.1

sources: VULHUB: VHN-147651 // VULMON: CVE-2019-1559 // BID: 107174 // JVNDB: JVNDB-2019-002098 // PACKETSTORM: 158377 // PACKETSTORM: 152084 // PACKETSTORM: 155413 // PACKETSTORM: 154042 // PACKETSTORM: 155415 // PACKETSTORM: 153932 // PACKETSTORM: 151886 // PACKETSTORM: 169635 // CNNVD: CNNVD-201902-956 // NVD: CVE-2019-1559

REFERENCES

url:http://www.securityfocus.com/bid/107174

Trust: 3.6

url:https://access.redhat.com/errata/rhsa-2019:3929

Trust: 2.5

url:https://access.redhat.com/errata/rhsa-2019:3931

Trust: 2.5

url:https://www.oracle.com/security-alerts/cpujan2021.html

Trust: 2.4

url:https://www.openssl.org/news/secadv/20190226.txt

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-1559

Trust: 2.2

url:https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Trust: 2.1

url:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Trust: 2.1

url:https://access.redhat.com/errata/rhsa-2019:2304

Trust: 2.0

url:https://security.gentoo.org/glsa/201903-10

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2019:2471

Trust: 1.9

url:https://usn.ubuntu.com/3899-1/

Trust: 1.9

url:https://security.netapp.com/advisory/ntap-20190301-0001/

Trust: 1.8

url:https://security.netapp.com/advisory/ntap-20190301-0002/

Trust: 1.8

url:https://security.netapp.com/advisory/ntap-20190423-0002/

Trust: 1.8

url:https://www.tenable.com/security/tns-2019-02

Trust: 1.8

url:https://www.tenable.com/security/tns-2019-03

Trust: 1.8

url:https://www.debian.org/security/2019/dsa-4400

Trust: 1.8

url:https://www.oracle.com/security-alerts/cpujan2020.html

Trust: 1.8

url:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2019:2437

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2019:2439

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html

Trust: 1.8

url:https://usn.ubuntu.com/4376-2/

Trust: 1.8

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10282

Trust: 1.7

url:https://support.f5.com/csp/article/k18549143

Trust: 1.2

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/

Trust: 1.1

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e

Trust: 1.1

url:https://support.f5.com/csp/article/k18549143?utm_source=f5support&amp%3butm_medium=rss

Trust: 1.1

url:http://openssl.org/

Trust: 0.9

url:https://github.com/rub-nds/tls-padding-oracles

Trust: 0.9

url:https://www.oracle.com/technetwork/topics/security/bulletinapr2019-5462008.html

Trust: 0.9

url:https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44019/?l=en_us&atype=sa&fs=search&pn=1&atype=sa

Trust: 0.9

url:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory30.asc

Trust: 0.9

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zbev5qgdrfuzdmnecfxusn5fmyozde4v/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/y3ivfgserazlnjck35tem2r4726xih3z/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ewc42uxl5ghtu5g77vkbf6jyuungshom/

Trust: 0.7

url:https://support.f5.com/csp/article/k18549143?utm_source=f5support&utm_medium=rss

Trust: 0.6

url:https://support.symantec.com/us/en/article.symsa1490.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170328

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170340

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170334

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170322

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170352

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1170346

Trust: 0.6

url:https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20190572-1/

Trust: 0.6

url:https://usn.ubuntu.com/4212-1/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1115655

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1115649

Trust: 0.6

url:https://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/ hitachi-sec-2019-132/index.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/2016771

Trust: 0.6

url:https://www.ibm.com/support/pages/node/2020677

Trust: 0.6

url:https://www.ibm.com/support/pages/node/2027745

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1126581

Trust: 0.6

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-132/index.html

Trust: 0.6

url:http://www.ubuntu.com/usn/usn-3899-1

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76438

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-tivoli-netcool-system-service-monitors-application-service-monitors-cve-2018-5407cve-2020-1967cve-2018-0734cve-2019-1563cve-2019/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4405/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1116357

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4558/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4479/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3729/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76230

Trust: 0.6

url:https://www.oracle.com/security-alerts/cpujan2020verbose.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0032/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0487/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1115643

Trust: 0.6

url:https://vigilance.fr/vulnerability/openssl-1-0-2-information-disclosure-via-0-byte-record-padding-oracle-28600

Trust: 0.6

url:https://www.ibm.com/support/pages/node/3517185

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1167202

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-openssl-as-used-by-ibm-qradar-siem-is-missing-a-required-cryptographic-step-cve-2019-1559/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0192/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3390.4/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-affects-ibm-integrated-analytics-system/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4479.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3462/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4083

Trust: 0.6

url:https://packetstormsecurity.com/files/155415/red-hat-security-advisory-2019-3929-01.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520674

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-have-been-identified-in-openssl-and-the-kernel-shipped-with-the-ds8000-hardware-management-console-hmc/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76782

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-the-following-opensll-vulnerability/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2383/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4255/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4297/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0102/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1143442

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-openssh-and-openssl-shipped-with-ibm-security-access-manager-appliance-cve-2018-15473-cve-2019-1559/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1105965

Trust: 0.6

url:https://packetstormsecurity.com/files/158377/ubuntu-security-notice-usn-4376-2.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/1106553

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-public-disclosed-vulnerability-from-openssl-affect-ibm-netezza-host-management/

Trust: 0.6

url:https://packetstormsecurity.com/files/151886/slackware-security-advisory-openssl-updates.html

Trust: 0.6

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-1559

Trust: 0.4

url:https://access.redhat.com/articles/11258

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-5407

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-10072

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-0221

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-5407

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-0221

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-10072

Trust: 0.2

url:https://kc.mcafee.com/corporate/index?page=content&amp;id=sb10282

Trust: 0.1

url:https://support.f5.com/csp/article/k18549143?utm_source=f5support&amp;amp;utm_medium=rss

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/203.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2019-1559

Trust: 0.1

url:https://tools.cisco.com/security/center/viewalert.x?alertid=59697

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-1547

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-1563

Trust: 0.1

url:https://usn.ubuntu.com/4376-1

Trust: 0.1

url:https://usn.ubuntu.com/4376-2

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.2/

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-0734

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-0734

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1559

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:https://www.openssl.org/policies/secpolicy.html

Trust: 0.1

sources: VULHUB: VHN-147651 // VULMON: CVE-2019-1559 // BID: 107174 // JVNDB: JVNDB-2019-002098 // PACKETSTORM: 158377 // PACKETSTORM: 152084 // PACKETSTORM: 155413 // PACKETSTORM: 154042 // PACKETSTORM: 155415 // PACKETSTORM: 153932 // PACKETSTORM: 151886 // PACKETSTORM: 169635 // CNNVD: CNNVD-201902-956 // NVD: CVE-2019-1559

CREDITS

Robert Merget and Nimrod Aviram, with additional investigation by Steven Collison and Andrew Hourselt,Red Hat,Slackware Security Team,Juraj Somorovsky

Trust: 0.6

sources: CNNVD: CNNVD-201902-956

SOURCES

db:VULHUBid:VHN-147651
db:VULMONid:CVE-2019-1559
db:BIDid:107174
db:JVNDBid:JVNDB-2019-002098
db:PACKETSTORMid:158377
db:PACKETSTORMid:152084
db:PACKETSTORMid:155413
db:PACKETSTORMid:154042
db:PACKETSTORMid:155415
db:PACKETSTORMid:153932
db:PACKETSTORMid:151886
db:PACKETSTORMid:169635
db:CNNVDid:CNNVD-201902-956
db:NVDid:CVE-2019-1559

LAST UPDATE DATE

2024-11-23T21:31:43.543000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-147651date:2022-08-19T00:00:00
db:VULMONid:CVE-2019-1559date:2023-11-07T00:00:00
db:BIDid:107174date:2019-07-17T06:00:00
db:JVNDBid:JVNDB-2019-002098date:2021-07-15T06:04:00
db:CNNVDid:CNNVD-201902-956date:2022-03-25T00:00:00
db:NVDid:CVE-2019-1559date:2024-11-21T04:36:48.960

SOURCES RELEASE DATE

db:VULHUBid:VHN-147651date:2019-02-27T00:00:00
db:VULMONid:CVE-2019-1559date:2019-02-27T00:00:00
db:BIDid:107174date:2019-02-26T00:00:00
db:JVNDBid:JVNDB-2019-002098date:2019-04-02T00:00:00
db:PACKETSTORMid:158377date:2020-07-09T18:42:27
db:PACKETSTORMid:152084date:2019-03-14T16:23:47
db:PACKETSTORMid:155413date:2019-11-20T20:32:22
db:PACKETSTORMid:154042date:2019-08-13T17:44:04
db:PACKETSTORMid:155415date:2019-11-20T20:44:44
db:PACKETSTORMid:153932date:2019-08-06T21:09:19
db:PACKETSTORMid:151886date:2019-02-27T19:22:00
db:PACKETSTORMid:169635date:2019-02-26T12:12:12
db:CNNVDid:CNNVD-201902-956date:2019-02-26T00:00:00
db:NVDid:CVE-2019-1559date:2019-02-27T23:29:00.277