Details of VAR-201609-0352

ID

VAR-201609-0352

CVE

CVE-2016-6309

TITLE

OpenSSL of statem/statem.c Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-004995

DESCRIPTION

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. Supplementary information : CWE Vulnerability type by CWE-416: Use After Free ( Use of freed memory ) Has been identified. OpenSSL is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 1.98

sources: NVD: CVE-2016-6309 // JVNDB: JVNDB-2016-004995 // BID: 93177 // VULMON: CVE-2016-6309

AFFECTED PRODUCTS

vendor:	openssl	model:	openssl	scope:	eq	version:	1.1.0a	Trust: 2.4
vendor:	cisco	model:	paging server	scope:	eq	version:	0	Trust: 0.6
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.10	Trust: 0.3
vendor:	cisco	model:	webex centers t32	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	eq	version:	30000	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix ifix	scope:	ne	version:	1.5.0.13150-13	Trust: 0.3
vendor:	cisco	model:	clean access manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series blade switches 4.1 e1	scope:	ne	version:	4000	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.5.0.9	Trust: 0.3
vendor:	cisco	model:	telepresence content server	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	proactive network operations center	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	69010	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for linux	scope:	ne	version:	4.0.7	Trust: 0.3
vendor:	cisco	model:	ucs central software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance media server	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.5.0.13	Trust: 0.3
vendor:	cisco	model:	stealthwatch management console	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios and cisco ios xe software	scope:	ne	version:	16.2	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for android	scope:	ne	version:	4.0.7	Trust: 0.3
vendor:	cisco	model:	jabber software development kit	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	computer telephony integration object server	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified workforce optimization	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	industrial router 1.2.1rb4	scope:	ne	version:	910	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.1209	Trust: 0.3
vendor:	cisco	model:	ip interoperability and collaboration system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr series	scope:	eq	version:	50000	Trust: 0.3
vendor:	cisco	model:	edge digital media player	scope:	eq	version:	3400	Trust: 0.3
vendor:	cisco	model:	nexus series switches standalone nx-os mode	scope:	eq	version:	9000-0	Trust: 0.3
vendor:	cisco	model:	unified contact center enterprise	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches standalone nx-os mode 7.0 i5	scope:	ne	version:	9000-	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.11	Trust: 0.3
vendor:	cisco	model:	nexus series switches 5.2.8	scope:	ne	version:	7000	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3361	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for desktop platforms	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	cognos business intelligence server	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	cisco	model:	jabber guest	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime license manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance ptz ip cameras	scope:	ne	version:	2.9	Trust: 0.3
vendor:	cisco	model:	series digital media players 5.3.6 rb3	scope:	ne	version:	4300	Trust: 0.3
vendor:	cisco	model:	stealthwatch flowcollector sflow	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	web security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3394	Trust: 0.3
vendor:	cisco	model:	visual quality experience server	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	jd edwards enterpriseone tools	scope:	eq	version:	9.2.1.1	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	ne	version:	60002.9	Trust: 0.3
vendor:	cisco	model:	content security management appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	ne	version:	11.6	Trust: 0.3
vendor:	cisco	model:	agent for openflow	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for desktop platforms	scope:	ne	version:	4.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.8	Trust: 0.3
vendor:	ibm	model:	flex system manager	scope:	eq	version:	1.3.4.0	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	cisco	model:	ons series multiservice provisioning platforms	scope:	eq	version:	154540	Trust: 0.3
vendor:	cisco	model:	telepresence sx series ce8.2.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asa next-generation firewall services	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	10.0.1	Trust: 0.3
vendor:	cisco	model:	telepresence server on multiparty media	scope:	eq	version:	8200	Trust: 0.3
vendor:	cisco	model:	unified communications manager im & presence service (formerly c	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios and cisco ios xe software	scope:	ne	version:	16.3	Trust: 0.3
vendor:	cisco	model:	webex meetings for blackberry	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	wide area application services	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1.0.1	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	ne	version:	6.0.1.3	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for mac os	scope:	ne	version:	x4.0.7	Trust: 0.3
vendor:	cisco	model:	common services platform collector	scope:	ne	version:	1.11	Trust: 0.3
vendor:	ibm	model:	cognos business intelligence server	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	cisco	model:	partner support service	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	media services interface	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	cloud web security	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime collaboration assurance	scope:	ne	version:	11.6	Trust: 0.3
vendor:	cisco	model:	jabber for iphone and ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	unified attendant console advanced	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	common services platform collector	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for windows	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence mx series ce8.2.2	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	spectrum control	scope:	eq	version:	5.2.8	Trust: 0.3
vendor:	cisco	model:	webex meetings client on-premises	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	ne	version:	11.6(1)	Trust: 0.3
vendor:	cisco	model:	services provisioning platform	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ucs b-series blade servers	scope:	ne	version:	3.1.3	Trust: 0.3
vendor:	cisco	model:	nac appliance clean access manager	scope:	eq	version:	-0	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.4.6	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	eq	version:	10000	Trust: 0.3
vendor:	cisco	model:	jabber for android	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asa next-generation firewall services	scope:	ne	version:	2.1.2	Trust: 0.3
vendor:	ibm	model:	mobilefirst platform foundation	scope:	eq	version:	6.3.0.0	Trust: 0.3
vendor:	cisco	model:	unified attendant console premium edition	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	api gateway	scope:	eq	version:	11.1.2.4.0	Trust: 0.3
vendor:	cisco	model:	services provisioning platform sfp1.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	mediasense	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber for android	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	video surveillance series high-definition ip cameras	scope:	eq	version:	40000	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for desktop platforms	scope:	ne	version:	4.3.4	Trust: 0.3
vendor:	openssl	model:	project openssl 1.1.0a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	series digital media players 5.3.6 rb3	scope:	ne	version:	4400	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	ne	version:	30002.9	Trust: 0.3
vendor:	cisco	model:	stealthwatch identity	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	ne	version:	270016.2	Trust: 0.3
vendor:	cisco	model:	application policy infrastructure controller	scope:	ne	version:	2.2(1)	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.2	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	ne	version:	270016.1	Trust: 0.3
vendor:	cisco	model:	unified workforce optimization quality management solution 11.5 su1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	show and share	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence system ex series tc7.3.7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	universal small cell iuh	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0.5	Trust: 0.3
vendor:	cisco	model:	ucs director	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber client framework components	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	telepresence isdn link	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence profile series tc7.3.7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	webex meetings client on-premises t32	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	dcm series d9900 digital content manager	scope:	ne	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	ne	version:	70006.2.19	Trust: 0.3
vendor:	cisco	model:	unified attendant console business edition	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	ne	version:	270016.4	Trust: 0.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.54	Trust: 0.3
vendor:	oracle	model:	enterprise manager ops center	scope:	eq	version:	12.1.4	Trust: 0.3
vendor:	cisco	model:	mds series multilayer switches	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	prime network services controller 1.01u	scope:	ne	version:	-	Trust: 0.3
vendor:	oracle	model:	oss support tools	scope:	eq	version:	8.9.15.9.8	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	ne	version:	5.4.0.10	Trust: 0.3
vendor:	ibm	model:	worklight consumer edition	scope:	eq	version:	6.1.0.0	Trust: 0.3
vendor:	cisco	model:	universal small cell series	scope:	eq	version:	50000	Trust: 0.3
vendor:	cisco	model:	nexus series switches 5.2 sv3	scope:	ne	version:	1000v	Trust: 0.3
vendor:	cisco	model:	telepresence system tx1310	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified communications domain manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence server on multiparty media and	scope:	ne	version:	3103204.4	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.1.4	Trust: 0.3
vendor:	cisco	model:	nac guest server	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	enterprise content delivery system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	cognos business intelligence server	scope:	eq	version:	10.2.11	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for linux	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence system ex series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime collaboration deployment	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	webex business suite	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	dx series ip phones	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios and cisco ios xe software	scope:	ne	version:	15.5(3)	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.18	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for android	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series blade switches	scope:	eq	version:	40000	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.5.0.11	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	ne	version:	500-376.1	Trust: 0.3
vendor:	cisco	model:	jabber for windows	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	telepresence profile series ce8.2.2	scope:	ne	version:	-	Trust: 0.3
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.1.0.0	Trust: 0.3
vendor:	cisco	model:	ace30 application control engine module	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	ne	version:	5.0.28	Trust: 0.3
vendor:	cisco	model:	edge digital media player 1.6rb5	scope:	ne	version:	300	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	69450	Trust: 0.3
vendor:	cisco	model:	telepresence isdn gateway mse	scope:	eq	version:	83210	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	ne	version:	8.4	Trust: 0.3
vendor:	cisco	model:	jabber software development kit	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	uc integration for microsoft lync	scope:	ne	version:	11.6.3	Trust: 0.3
vendor:	cisco	model:	unified contact center enterprise	scope:	ne	version:	11.6.1	Trust: 0.3
vendor:	cisco	model:	spa112 2-port phone adapter	scope:	ne	version:	1.4.2	Trust: 0.3
vendor:	cisco	model:	telepresence system tx1310	scope:	ne	version:	6.1	Trust: 0.3
vendor:	cisco	model:	connected grid routers	scope:	ne	version:	7.3	Trust: 0.3
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	12.1	Trust: 0.3
vendor:	cisco	model:	telepresence mx series tc7.3.7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ip interoperability and collaboration system	scope:	ne	version:	5.0(1)	Trust: 0.3
vendor:	cisco	model:	spa122 analog telephone adapter with router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	universal small cell series	scope:	ne	version:	50003.5.12.23	Trust: 0.3
vendor:	cisco	model:	universal small cell series	scope:	eq	version:	50003.4.2.0	Trust: 0.3
vendor:	cisco	model:	connected grid routers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	uc integration for microsoft lync	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.1768	Trust: 0.3
vendor:	cisco	model:	unity express	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	eq	version:	13000	Trust: 0.3
vendor:	ibm	model:	worklight enterprise edition	scope:	eq	version:	6.1.0.0	Trust: 0.3
vendor:	cisco	model:	tandberg codian isdn gateway	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber guest	scope:	ne	version:	11	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.9	Trust: 0.3
vendor:	cisco	model:	digital media manager 5.3.6 rb3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	series digital media players	scope:	eq	version:	44000	Trust: 0.3
vendor:	cisco	model:	ata series analog terminal adaptors	scope:	ne	version:	1901.3	Trust: 0.3
vendor:	cisco	model:	prime network services controller	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ata series analog terminal adaptors	scope:	eq	version:	1900	Trust: 0.3
vendor:	cisco	model:	asr series	scope:	ne	version:	500021.2	Trust: 0.3
vendor:	cisco	model:	ons series multiservice provisioning platforms	scope:	ne	version:	1545410.7	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.5.0.12	Trust: 0.3
vendor:	cisco	model:	telepresence system series	scope:	eq	version:	30000	Trust: 0.3
vendor:	ibm	model:	worklight consumer edition	scope:	eq	version:	6.1.0.2	Trust: 0.3
vendor:	cisco	model:	hosted collaboration mediation fulfillment	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified communications manager session management edition	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified ip conference phone 10.3.1sr4	scope:	ne	version:	8831	Trust: 0.3
vendor:	ibm	model:	mobilefirst platform foundation	scope:	eq	version:	7.1.0.0	Trust: 0.3
vendor:	cisco	model:	webex meetings server multimedia platform	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	70000	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.1.7	Trust: 0.3
vendor:	cisco	model:	prime network registrar	scope:	ne	version:	8.3.5	Trust: 0.3
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	5000	Trust: 0.3
vendor:	cisco	model:	prime access registrar	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified intelligent contact management enterprise	scope:	ne	version:	11.6.1	Trust: 0.3
vendor:	cisco	model:	stealthwatch flowcollector netflow	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ucs manager	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	cisco	model:	webex meetings server	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	network analysis module	scope:	ne	version:	6.2(2)	Trust: 0.3
vendor:	cisco	model:	video surveillance 4300e and 4500e high-definition ip cameras	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified attendant console department edition	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ip series phones	scope:	eq	version:	78000	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	eq	version:	27000	Trust: 0.3
vendor:	cisco	model:	onepk all-in-one virtual machine	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3387	Trust: 0.3
vendor:	cisco	model:	industrial router	scope:	eq	version:	9100	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	unified intelligence center	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video distribution suite for internet streaming	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	ne	version:	13006.1	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.7.1	Trust: 0.3
vendor:	cisco	model:	cloupia unified infrastructure controller	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	50000	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	ne	version:	11006.1	Trust: 0.3
vendor:	ibm	model:	flex system manager	scope:	eq	version:	1.3.20	Trust: 0.3
vendor:	cisco	model:	packaged contact center enterprise	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	agent desktop for cisco unified contact center express	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	mobilefirst platform foundation	scope:	eq	version:	8.0.0.0	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence sx series tc7.3.7	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.5	Trust: 0.3
vendor:	cisco	model:	nac appliance clean access server	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	ne	version:	6.1.0.1	Trust: 0.3
vendor:	cisco	model:	webex meetings for windows phone	scope:	eq	version:	80	Trust: 0.3
vendor:	cisco	model:	spa232d multi-line dect analog telephone adapter	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime optical for service providers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	smart care	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	edge digital media player 1.2rb1.0.3	scope:	ne	version:	340	Trust: 0.3
vendor:	cisco	model:	universal small cell cloudbase factory recovery root filesystem	scope:	eq	version:	2.99.4	Trust: 0.3
vendor:	cisco	model:	network performance analysis	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	ne	version:	60006.2.19	Trust: 0.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.55	Trust: 0.3
vendor:	cisco	model:	unified ip conference phone for third-party call control	scope:	eq	version:	88310	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	webex meetings for windows phone	scope:	ne	version:	82.8	Trust: 0.3
vendor:	ibm	model:	spectrum control	scope:	eq	version:	5.2.10	Trust: 0.3
vendor:	cisco	model:	universal small cell cloudbase factory recovery root filesystem	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	ne	version:	5.8.0.32.7	Trust: 0.3
vendor:	cisco	model:	telepresence integrator c series ce8.2.2	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	cognos business intelligence server	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	cisco	model:	webex meetings client hosted	scope:	eq	version:	-0	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.13	Trust: 0.3
vendor:	cisco	model:	content security management appliance	scope:	ne	version:	6.1.140	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	stealthwatch udp director	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches 5.2.8	scope:	ne	version:	6000	Trust: 0.3
vendor:	cisco	model:	intrusion prevention system solutions	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified ip conference phone	scope:	eq	version:	88310	Trust: 0.3
vendor:	cisco	model:	jabber client framework components	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	prime ip express	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified sip proxy software	scope:	ne	version:	10	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.4	Trust: 0.3
vendor:	cisco	model:	security manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber for mac	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	netflow generation appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified sip proxy software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	99510	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	89450	Trust: 0.3
vendor:	cisco	model:	telepresence supervisor mse	scope:	eq	version:	80500	Trust: 0.3
vendor:	cisco	model:	telepresence server and mse	scope:	ne	version:	701087104.4	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.10	Trust: 0.3
vendor:	cisco	model:	ucs series and series fabric interconnects	scope:	eq	version:	620063000	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.12	Trust: 0.3
vendor:	cisco	model:	webex meeting center	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.11	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	cisco	model:	netflow generation appliance	scope:	ne	version:	1.1(1)	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.13	Trust: 0.3
vendor:	cisco	model:	socialminer	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	webex meetings server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	spa112 2-port phone adapter	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance series high-definition ip cameras	scope:	ne	version:	40002.9	Trust: 0.3
vendor:	cisco	model:	intracer	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	cisco	model:	jabber for windows	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	oss support tools	scope:	eq	version:	8.8.15.7.15	Trust: 0.3
vendor:	cisco	model:	prime infrastructure	scope:	ne	version:	3.2	Trust: 0.3
vendor:	cisco	model:	telepresence video communication server	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance 4300e and 4500e high-definition ip cameras	scope:	ne	version:	2.9	Trust: 0.3
vendor:	cisco	model:	computer telephony integration object server	scope:	ne	version:	11.6.1	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	eq	version:	11000	Trust: 0.3
vendor:	cisco	model:	telepresence sx series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence server on multiparty media and	scope:	eq	version:	3103200	Trust: 0.3
vendor:	openssl	model:	project openssl	scope:	eq	version:	1.1	Trust: 0.3
vendor:	cisco	model:	content security appliance update servers	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1	Trust: 0.3
vendor:	cisco	model:	videoscape anyres live	scope:	ne	version:	9.7.2	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	99710	Trust: 0.3
vendor:	oracle	model:	transportation management	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	ne	version:	5.4.1.9	Trust: 0.3
vendor:	cisco	model:	universal small cell iuh	scope:	ne	version:	3.17.3	Trust: 0.3
vendor:	cisco	model:	ata analog telephone adaptor	scope:	eq	version:	1870	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.1.1	Trust: 0.3
vendor:	cisco	model:	ios and cisco ios xe software	scope:	ne	version:	16.4	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	ne	version:	500-326.1	Trust: 0.3
vendor:	cisco	model:	unity express	scope:	ne	version:	10	Trust: 0.3
vendor:	cisco	model:	expressway series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	virtualization experience media edition	scope:	ne	version:	11.8	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	ne	version:	5.1.8	Trust: 0.3
vendor:	cisco	model:	small business series managed switches	scope:	eq	version:	3000	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0.6	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	ne	version:	10006.1	Trust: 0.3
vendor:	cisco	model:	telepresence isdn gateway	scope:	eq	version:	32410	Trust: 0.3
vendor:	cisco	model:	telepresence mcu	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	edge digital media player	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	series smart plus switches	scope:	eq	version:	2200	Trust: 0.3
vendor:	oracle	model:	enterprise manager ops center	scope:	eq	version:	12.2.2	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	1000v0	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.5.1	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.1.6	Trust: 0.3
vendor:	cisco	model:	virtual security gateway	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	rational insight	scope:	eq	version:	1.1.1.5	Trust: 0.3
vendor:	cisco	model:	telepresence tx9000 series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	series digital media players	scope:	eq	version:	43000	Trust: 0.3
vendor:	cisco	model:	telepresence system series	scope:	ne	version:	30006.1	Trust: 0.3
vendor:	cisco	model:	universal small cell series	scope:	eq	version:	70003.4.2.0	Trust: 0.3
vendor:	cisco	model:	unity connection	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	security manager	scope:	ne	version:	4.13	Trust: 0.3
vendor:	cisco	model:	ucs b-series blade servers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ucs standalone c-series rack server integrated management cont	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	telepresence integrator c series	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	spectrum control	scope:	eq	version:	5.2.9	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3381	Trust: 0.3
vendor:	cisco	model:	enterprise content delivery system	scope:	ne	version:	2.6.9	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	mds series multilayer switches 5.2.8	scope:	ne	version:	9000	Trust: 0.3
vendor:	cisco	model:	series digital media players 5.4.1 rb4	scope:	ne	version:	4300	Trust: 0.3
vendor:	cisco	model:	ucs standalone c-series rack server integrated management cont	scope:	ne	version:	-3.0	Trust: 0.3
vendor:	cisco	model:	ios and cisco ios xe software	scope:	ne	version:	16.1	Trust: 0.3
vendor:	cisco	model:	prime network	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence tx9000 series	scope:	ne	version:	6.1	Trust: 0.3
vendor:	cisco	model:	prime performance manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	smart net total care local collector appliance	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	prime collaboration provisioning	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.12	Trust: 0.3
vendor:	cisco	model:	connected grid routers	scope:	ne	version:	15.8.9	Trust: 0.3
vendor:	cisco	model:	network analysis module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series fabric switches aci mode	scope:	eq	version:	9000-0	Trust: 0.3
vendor:	cisco	model:	prime performance manager sp1611	scope:	ne	version:	1.7	Trust: 0.3
vendor:	ibm	model:	worklight consumer edition	scope:	eq	version:	6.1.0.1	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.12	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.22	Trust: 0.3
vendor:	cisco	model:	unified ip phone 9.3 sr3	scope:	ne	version:	6901	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.16	Trust: 0.3
vendor:	cisco	model:	telepresence server and mse	scope:	eq	version:	701087100	Trust: 0.3
vendor:	cisco	model:	mds series multilayer switches	scope:	ne	version:	90006.2.19	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	ne	version:	270015.5(3)	Trust: 0.3
vendor:	ibm	model:	spectrum control	scope:	eq	version:	5.2.11	Trust: 0.3
vendor:	cisco	model:	telepresence server on virtual machine	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	webex meetings for android	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches 5.2.8	scope:	ne	version:	5000	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3376	Trust: 0.3
vendor:	cisco	model:	digital media manager 5.4.1 rb4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified workforce optimization quality management solution	scope:	eq	version:	-0	Trust: 0.3
vendor:	cisco	model:	telepresence integrator c series tc7.3.7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	spa122 analog telephone adapter with router	scope:	ne	version:	1.4.2	Trust: 0.3
vendor:	cisco	model:	cloud object storage	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.4	Trust: 0.3
vendor:	ibm	model:	rrdi	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	ibm	model:	worklight enterprise edition	scope:	eq	version:	6.1.0.2	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.14	Trust: 0.3
vendor:	cisco	model:	unified intelligent contact management enterprise	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	application and content networking system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for ios	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ace application control engine	scope:	eq	version:	47100	Trust: 0.3
vendor:	oracle	model:	oss support tools	scope:	ne	version:	8.15.17.3.14	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for mac os	scope:	eq	version:	x0	Trust: 0.3
vendor:	cisco	model:	prime infrastructure plug and play standalone gateway	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	virtual security gateway	scope:	ne	version:	2.1.6	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	ne	version:	50006.2.19	Trust: 0.3
vendor:	cisco	model:	telepresence conductor	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	application policy infrastructure controller	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber for mac	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	jabber for iphone and ipad	scope:	ne	version:	11.8	Trust: 0.3
vendor:	cisco	model:	prime network registrar	scope:	ne	version:	9.0	Trust: 0.3
vendor:	ibm	model:	worklight enterprise edition	scope:	eq	version:	6.1.0.1	Trust: 0.3
vendor:	cisco	model:	telepresence video communication server	scope:	ne	version:	x8.8.3	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.4.1	Trust: 0.3
vendor:	cisco	model:	series digital media players 5.4.1 rb4	scope:	ne	version:	4400	Trust: 0.3
vendor:	ibm	model:	sterling connect:express for unix	scope:	eq	version:	1.5.0	Trust: 0.3
vendor:	cisco	model:	multicast manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	aironet series access points	scope:	ne	version:	270016.3	Trust: 0.3
vendor:	ibm	model:	cognos business intelligence server	scope:	eq	version:	10.2	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for ios	scope:	ne	version:	4.0.7	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	ne	version:	5.8.0.32.8	Trust: 0.3
vendor:	cisco	model:	webex node for mcs	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence mcu	scope:	ne	version:	4.5(1.89)	Trust: 0.3
vendor:	cisco	model:	management appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client for windows	scope:	ne	version:	4.0.7	Trust: 0.3
vendor:	cisco	model:	videoscape anyres live	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance ptz ip cameras	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video distribution suite for internet streaming	scope:	ne	version:	4.003(002)	Trust: 0.3
vendor:	cisco	model:	telepresence server on multiparty media	scope:	ne	version:	8204.4	Trust: 0.3
vendor:	cisco	model:	telepresence serial gateway series	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.3	Trust: 0.3
vendor:	cisco	model:	unified ip phone	scope:	eq	version:	89610	Trust: 0.3
vendor:	cisco	model:	expressway series	scope:	ne	version:	x8.8.3	Trust: 0.3
vendor:	cisco	model:	prime network	scope:	ne	version:	431	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	eq	version:	500-320	Trust: 0.3
vendor:	cisco	model:	unified attendant console enterprise edition	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	transportation management	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	unified contact center express	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	vm virtualbox	scope:	eq	version:	5.0.26	Trust: 0.3
vendor:	cisco	model:	network analysis module 6.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	telepresence system ex series ce8.2.2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	-	Trust: 0.3
vendor:	cisco	model:	mxe series media experience engines	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	universal small cell cloudbase factory recovery root filesystem	scope:	ne	version:	3.17.3	Trust: 0.3
vendor:	cisco	model:	videoscape control suite	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ip series phones vpn feature	scope:	eq	version:	8800-0	Trust: 0.3
vendor:	cisco	model:	tandberg codian mse	scope:	eq	version:	83200	Trust: 0.3
vendor:	ibm	model:	flex system manager	scope:	eq	version:	1.3.3.0	Trust: 0.3
vendor:	ibm	model:	mobilefirst platform foundation	scope:	eq	version:	7.0.0.0	Trust: 0.3
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.2.0.0	Trust: 0.3
vendor:	cisco	model:	unified meetingplace 8.6mr1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	telepresence mx series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	tapi service provider	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	video surveillance series ip cameras	scope:	ne	version:	70002.9	Trust: 0.3
vendor:	cisco	model:	telepresence system	scope:	eq	version:	500-370	Trust: 0.3
vendor:	cisco	model:	spa525g 5-line ip phone	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	telepresence profile series	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	unified ip conference phone for third-party call control 9.3 sr3	scope:	ne	version:	8831	Trust: 0.3
vendor:	cisco	model:	unified ip series phones	scope:	eq	version:	79000	Trust: 0.3
vendor:	cisco	model:	spa232d multi-line dect analog telephone adapter	scope:	ne	version:	1.4.2	Trust: 0.3
vendor:	cisco	model:	nexus series fabric switches aci mode	scope:	ne	version:	9000-0	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.6	Trust: 0.3
vendor:	cisco	model:	visual quality experience tools server	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	virtualization experience media edition	scope:	eq	version:	0	Trust: 0.3
vendor:	oracle	model:	enterprise manager ops center	scope:	eq	version:	12.3.2	Trust: 0.3
vendor:	cisco	model:	emergency responder	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	tivoli storage productivity center	scope:	eq	version:	5.2.7	Trust: 0.3
vendor:	cisco	model:	registered envelope service	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	universal small cell series	scope:	ne	version:	70003.5.12.23	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	webex meetings client hosted t32	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified meetingplace	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	cisco	model:	unified contact center express	scope:	ne	version:	11.6	Trust: 0.3
vendor:	cisco	model:	webex meetings server	scope:	ne	version:	2.6.1.30	Trust: 0.3

sources: BID: 93177 // JVNDB: JVNDB-2016-004995 // NVD: CVE-2016-6309 // CNNVD: CNNVD-201609-598

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-6309
value:	CRITICAL
Trust: 1.8
CNNVD:	CNNVD-201609-598
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2016-6309
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-6309
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9

NVD:
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2016-6309
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2016-6309 // JVNDB: JVNDB-2016-004995 // NVD: CVE-2016-6309 // CNNVD: CNNVD-201609-598

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2016-004995 // NVD: CVE-2016-6309

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-598

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201609-598

CONFIGURATIONS

sources: NVD: CVE-2016-6309

PATCH

title:	cisco-sa-20160927-openssl	url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl	Trust: 0.8
title:	OpenSSL 1.1.0 Series Release Notes	url:	https://www.openssl.org/news/openssl-1.1.0-notes.html	Trust: 0.8
title:	Fix Use After Free for large message sizes	url:	https://git.openssl.org/?p=openssl.git;a=commit;h=acacbfa7565c78d2273c0b2a2e5e803f44afefeb	Trust: 0.8
title:	Fix Use After Free for large message sizes (CVE-2016-6309)	url:	https://www.openssl.org/news/secadv/20160926.txt	Trust: 0.8
title:	Oracle Critical Patch Update Advisory - October 2016	url:	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	Trust: 0.8
title:	OpenSSL Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64376	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2016/09/26/openssl_patches_last_weeks_patch/	Trust: 0.2
title:	Red Hat: CVE-2016-6309	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2016-6309	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=cve-2016-6309	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - January 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=69e9536e77203a3c76b24dd89f4f9300	Trust: 0.1
title:	Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=tns-2016-16	Trust: 0.1
title:	Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016	url:	https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=1e6dcaf5dac6ef96a7d917a8c1393040	Trust: 0.1
title:	Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160927-openssl	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - October 2016	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=05aabe19d38058b7814ef5514aab4c0c	Trust: 0.1
title:	Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=tns-2016-20	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - July 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=2f446a7e1ea263c0c3a365776c6713f2	Trust: 0.1
title:	Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=a9dd8a175d084c7432b7ad47715ac50c	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - April 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4019ca77f50c7a34e4d97833e6f3321e	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - April 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=143b3fb255063c81571469eaa3cf0a87	Trust: 0.1
title:	SEEKER_dataset	url:	https://github.com/sf4bin/seeker_dataset	Trust: 0.1
title:	honggfuzz	url:	https://github.com/khadas/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/crdroid-r/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/yaap/external_honggfuzz	Trust: 0.1
title:	articles	url:	https://github.com/xinali/articles	Trust: 0.1
title:	honggfuzz	url:	https://github.com/dennissimos/platform_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/r3p3r/nixawk-honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/aosp-caf-upstream/platform_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/tinkerboard-android/rockchip-android-external-honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/jingpad-bsp/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/tinkeredger-android/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/random-aosp-stuff/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/bananadroid/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/wave-project/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/imbaya2466/honggfuzz_read	Trust: 0.1
title:	honggfuzz	url:	https://github.com/thexperienceproject/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/forklineageos/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/statixos/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/aosp10-public/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/crdroidandroid/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/tinkerboard2-android/external-honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/corvus-r/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/caf-extended/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/protonaosp/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/protonaosp-platina/android_external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/havocr/external_honggfuzz	Trust: 0.1
title:	honggfuzz	url:	https://github.com/tomoms/android_external_honggfuzz	Trust: 0.1
title:	Honggfuzz	url:	https://github.com/ep-infosec/50_google_honggfuzz	Trust: 0.1
title:	Honggfuzz	url:	https://github.com/lllnx/lllnx	Trust: 0.1
title:	Honggfuzz	url:	https://github.com/google/honggfuzz	Trust: 0.1
title:	OpenSSL-CVE-lib	url:	https://github.com/chnzzh/openssl-cve-lib	Trust: 0.1

sources: VULMON: CVE-2016-6309 // JVNDB: JVNDB-2016-004995 // CNNVD: CNNVD-201609-598

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6309	Trust: 2.8
db:	BID	id:	93177	Trust: 1.4
db:	JUNIPER	id:	JSA10759	Trust: 1.1
db:	TENABLE	id:	TNS-2016-16	Trust: 1.1
db:	TENABLE	id:	TNS-2016-20	Trust: 1.1
db:	SECTRACK	id:	1036885	Trust: 1.1
db:	JVN	id:	JVNVU99474230	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004995	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-598	Trust: 0.6
db:	VULMON	id:	CVE-2016-6309	Trust: 0.1

sources: VULMON: CVE-2016-6309 // BID: 93177 // JVNDB: JVNDB-2016-004995 // NVD: CVE-2016-6309 // CNNVD: CNNVD-201609-598

REFERENCES

url:	https://www.openssl.org/news/secadv/20160926.txt	Trust: 1.4
url:	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	Trust: 1.4
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995039	Trust: 1.4
url:	http://www.securityfocus.com/bid/93177	Trust: 1.2
url:	https://bto.bluecoat.com/security-advisory/sa132	Trust: 1.1
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10759	Trust: 1.1
url:	https://www.tenable.com/security/tns-2016-16	Trust: 1.1
url:	http://www.securitytracker.com/id/1036885	Trust: 1.1
url:	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	Trust: 1.1
url:	https://www.tenable.com/security/tns-2016-20	Trust: 1.1
url:	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Trust: 1.1
url:	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	Trust: 1.1
url:	https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03856en_us	Trust: 1.1
url:	https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=acacbfa7565c78d2273c0b2a2e5e803f44afefeb	Trust: 1.1
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6309	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu99474230/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6309	Trust: 0.8
url:	http://openssl.org/	Trust: 0.3
url:	https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507	Trust: 0.3
url:	http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html	Trust: 0.3
url:	http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21993061	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995129	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995392	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995393	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995691	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21996181	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/416.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=49041	Trust: 0.1
url:	https://github.com/xinali/articles	Trust: 0.1

sources: VULMON: CVE-2016-6309 // BID: 93177 // JVNDB: JVNDB-2016-004995 // NVD: CVE-2016-6309 // CNNVD: CNNVD-201609-598

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201609-598

SOURCES

db:	VULMON	id:	CVE-2016-6309
db:	BID	id:	93177
db:	JVNDB	id:	JVNDB-2016-004995
db:	NVD	id:	CVE-2016-6309
db:	CNNVD	id:	CNNVD-201609-598

LAST UPDATE DATE

2023-12-25T20:38:46.477000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2016-6309	date:	2023-11-07T00:00:00
db:	BID	id:	93177	date:	2017-05-02T00:06:00
db:	JVNDB	id:	JVNDB-2016-004995	date:	2016-12-05T00:00:00
db:	NVD	id:	CVE-2016-6309	date:	2023-11-07T02:33:57.517
db:	CNNVD	id:	CNNVD-201609-598	date:	2019-02-21T00:00:00

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2016-6309	date:	2016-09-26T00:00:00
db:	BID	id:	93177	date:	2016-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-004995	date:	2016-09-30T00:00:00
db:	NVD	id:	CVE-2016-6309	date:	2016-09-26T19:59:06.393
db:	CNNVD	id:	CNNVD-201609-598	date:	2016-09-27T00:00:00