{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2015-2808", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-06T05:24:38.828Z", "dateReserved": "2015-03-31T00:00:00", "datePublished": "2015-04-01T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-09-07T16:46:59.848306"}, "descriptions": [{"lang": "en", "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "SSRT102127", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143818140118771&w=2"}, {"name": "RHSA-2015:1243", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"}, {"name": "RHSA-2015:1007", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"}, {"name": "HPSBGN03367", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143817899717054&w=2"}, {"name": "HPSBUX03512", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"}, {"name": "RHSA-2015:1006", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"}, {"url": "https://kb.juniper.net/JSA10783"}, {"name": "1033737", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033737"}, {"name": "SUSE-SU-2015:2192", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"}, {"name": "HPSBGN03399", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"name": "1036222", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1036222"}, {"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"}, {"name": "SSRT102129", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143817899717054&w=2"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"}, {"name": "GLSA-201512-10", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/201512-10"}, {"name": "RHSA-2015:1229", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"}, {"name": "1032600", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032600"}, {"name": "1032910", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032910"}, {"name": "USN-2706-1", "tags": ["vendor-advisory"], "url": "http://www.ubuntu.com/usn/USN-2706-1"}, {"name": "RHSA-2015:1526", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"}, {"name": "SSRT102133", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143817021313142&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"name": "1032599", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032599"}, {"name": "HPSBMU03401", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10163"}, {"name": "HPSBMU03345", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2"}, {"name": "1032734", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032734"}, {"name": "IV71892", "tags": ["vendor-advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"}, {"name": "1033769", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033769"}, {"name": "1032707", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032707"}, {"name": "openSUSE-SU-2015:1289", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"}, {"name": "HPSBGN03372", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143817021313142&w=2"}, {"name": "RHSA-2015:1091", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"}, {"name": "HPSBGN03402", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2"}, {"name": "IV71888", "tags": ["vendor-advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"}, {"name": "RHSA-2015:1228", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"}, {"name": "HPSBGN03405", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2"}, {"name": "1032708", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032708"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"}, {"name": "DSA-3316", "tags": ["vendor-advisory"], "url": "http://www.debian.org/security/2015/dsa-3316"}, {"name": "SUSE-SU-2015:2166", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"name": "1033415", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033415"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"}, {"name": "HPSBGN03366", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143818140118771&w=2"}, {"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"}, {"name": "HPSBGN03403", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144104565600964&w=2"}, {"name": "SSRT102254", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"}, {"name": "HPSBGN03407", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2"}, {"name": "1033432", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033432"}, {"name": "HPSBGN03354", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143629696317098&w=2"}, {"name": "SUSE-SU-2015:1138", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"}, {"name": "1032858", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032858"}, {"name": "SSRT102073", "tags": ["vendor-advisory"], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"}, {"name": "1032788", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032788"}, {"name": "USN-2696-1", "tags": ["vendor-advisory"], "url": "http://www.ubuntu.com/usn/USN-2696-1"}, {"url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"}, {"name": "DSA-3339", "tags": ["vendor-advisory"], "url": "http://www.debian.org/security/2015/dsa-3339"}, {"name": "RHSA-2015:1020", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"}, {"name": "RHSA-2015:1242", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"}, {"name": "SUSE-SU-2015:1086", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"}, {"name": "1033431", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033431"}, {"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"}, {"name": "1032868", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032868"}, {"name": "HPSBGN03415", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144059703728085&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"}, {"name": "91787", "tags": ["vdb-entry"], "url": "http://www.securityfocus.com/bid/91787"}, {"name": "SUSE-SU-2015:1319", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"}, {"name": "SUSE-SU-2015:1320", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"}, {"name": "openSUSE-SU-2015:1288", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"}, {"name": "RHSA-2015:1241", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"}, {"name": "RHSA-2015:1230", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"}, {"name": "HPSBGN03338", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143456209711959&w=2"}, {"name": "1033386", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033386"}, {"name": "HPSBMU03377", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143741441012338&w=2"}, {"name": "1033072", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033072"}, {"name": "SSRT102150", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=143741441012338&w=2"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"}, {"name": "SUSE-SU-2015:1085", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"}, {"name": "RHSA-2015:1021", "tags": ["vendor-advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"}, {"name": "SUSE-SU-2015:1073", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"}, {"name": "SUSE-SU-2015:1161", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"}, {"name": "HPSBGN03414", "tags": ["vendor-advisory"], "url": "http://marc.info/?l=bugtraq&m=144059660127919&w=2"}, {"name": "73684", "tags": ["vdb-entry"], "url": "http://www.securityfocus.com/bid/73684"}, {"name": "1032990", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1032990"}, {"name": "1033071", "tags": ["vdb-entry"], "url": "http://www.securitytracker.com/id/1033071"}, {"name": "SUSE-SU-2016:0113", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"}, {"url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}], "datePublic": "2015-03-26T00:00:00"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:24:38.828Z"}, "title": "CVE Program Container", "references": [{"name": "SSRT102127", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143818140118771&w=2"}, {"name": "RHSA-2015:1243", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"}, {"name": "RHSA-2015:1007", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"}, {"name": "HPSBGN03367", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143817899717054&w=2"}, {"name": "HPSBUX03512", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "tags": ["x_transferred"]}, {"name": "RHSA-2015:1006", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256", "tags": ["x_transferred"]}, {"url": "https://kb.juniper.net/JSA10783", "tags": ["x_transferred"]}, {"name": "1033737", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033737"}, {"name": "SUSE-SU-2015:2192", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"}, {"name": "HPSBGN03399", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "tags": ["x_transferred"]}, {"name": "1036222", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1036222"}, {"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "tags": ["x_transferred"]}, {"name": "SSRT102129", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143817899717054&w=2"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", "tags": ["x_transferred"]}, {"name": "GLSA-201512-10", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/201512-10"}, {"name": "RHSA-2015:1229", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650", "tags": ["x_transferred"]}, {"name": "1032600", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032600"}, {"name": "1032910", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032910"}, {"name": "USN-2706-1", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2706-1"}, {"name": "RHSA-2015:1526", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"}, {"name": "SSRT102133", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143817021313142&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["x_transferred"]}, {"name": "1032599", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032599"}, {"name": "HPSBMU03401", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565", "tags": ["x_transferred"]}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190", "tags": ["x_transferred"]}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380", "tags": ["x_transferred"]}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10163", "tags": ["x_transferred"]}, {"name": "HPSBMU03345", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2"}, {"name": "1032734", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032734"}, {"name": "IV71892", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347", "tags": ["x_transferred"]}, {"name": "1033769", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033769"}, {"name": "1032707", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032707"}, {"name": "openSUSE-SU-2015:1289", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"}, {"name": "HPSBGN03372", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143817021313142&w=2"}, {"name": "RHSA-2015:1091", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"}, {"name": "HPSBGN03402", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2"}, {"name": "IV71888", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"}, {"name": "RHSA-2015:1228", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"}, {"name": "HPSBGN03405", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2"}, {"name": "1032708", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032708"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055", "tags": ["x_transferred"]}, {"name": "DSA-3316", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3316"}, {"name": "SUSE-SU-2015:2166", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "tags": ["x_transferred"]}, {"name": "1033415", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033415"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "tags": ["x_transferred"]}, {"name": "HPSBGN03366", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143818140118771&w=2"}, {"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709", "tags": ["x_transferred"]}, {"name": "HPSBGN03403", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144104565600964&w=2"}, {"name": "SSRT102254", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", "tags": ["x_transferred"]}, {"name": "HPSBGN03407", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2"}, {"name": "1033432", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033432"}, {"name": "HPSBGN03354", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143629696317098&w=2"}, {"name": "SUSE-SU-2015:1138", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"}, {"name": "1032858", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032858"}, {"name": "SSRT102073", "tags": ["vendor-advisory", "x_transferred"], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"}, {"name": "1032788", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032788"}, {"name": "USN-2696-1", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2696-1"}, {"url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf", "tags": ["x_transferred"]}, {"name": "DSA-3339", "tags": ["vendor-advisory", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3339"}, {"name": "RHSA-2015:1020", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"}, {"name": "RHSA-2015:1242", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", "tags": ["x_transferred"]}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", "tags": ["x_transferred"]}, {"name": "SUSE-SU-2015:1086", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"}, {"name": "1033431", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033431"}, {"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm", "tags": ["x_transferred"]}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988", "tags": ["x_transferred"]}, {"name": "1032868", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032868"}, {"name": "HPSBGN03415", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144059703728085&w=2"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "tags": ["x_transferred"]}, {"name": "91787", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securityfocus.com/bid/91787"}, {"name": "SUSE-SU-2015:1319", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"}, {"name": "SUSE-SU-2015:1320", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"}, {"name": "openSUSE-SU-2015:1288", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"}, {"name": "RHSA-2015:1241", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140", "tags": ["x_transferred"]}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "tags": ["x_transferred"]}, {"name": "RHSA-2015:1230", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888", "tags": ["x_transferred"]}, {"name": "HPSBGN03338", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143456209711959&w=2"}, {"name": "1033386", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033386"}, {"name": "HPSBMU03377", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143741441012338&w=2"}, {"name": "1033072", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033072"}, {"name": "SSRT102150", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143741441012338&w=2"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", "tags": ["x_transferred"]}, {"name": "SUSE-SU-2015:1085", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119", "tags": ["x_transferred"]}, {"name": "RHSA-2015:1021", "tags": ["vendor-advisory", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"}, {"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015", "tags": ["x_transferred"]}, {"name": "SUSE-SU-2015:1073", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935", "tags": ["x_transferred"]}, {"name": "SUSE-SU-2015:1161", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"}, {"name": "HPSBGN03414", "tags": ["vendor-advisory", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=144059660127919&w=2"}, {"name": "73684", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securityfocus.com/bid/73684"}, {"name": "1032990", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1032990"}, {"name": "1033071", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securitytracker.com/id/1033071"}, {"name": "SUSE-SU-2016:0113", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"}, {"url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "C306035B-10B2-4BC5-B6DE-194BE343DA8E", "versionEndIncluding": "3.9.0", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3AB62FE-AB1A-4162-8A51-E34EDE33DD85", "versionEndExcluding": "9.9.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "911FBD5E-213D-482F-81A9-C3B8CE7D903A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "EBD2676F-EE9D-4462-ABA5-C11CE726849C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6505AE29-5091-4C72-AF6B-932DEF53A8D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4EC475C1-A339-4C49-B6BA-A0E4D6FDF5DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "38A45A86-3B7E-4245-B717-2A6E868BE6BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "24EDBB8B-1AFB-498D-B78C-7BC72B8C1085", "versionEndIncluding": "3.2.11", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3024389-3D4A-4E19-BE42-DAF9EA51D471", "versionEndIncluding": "4.0.4", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "319EC0C6-94C5-494A-9C5D-DC5124DFC8E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A67A7B7A-998D-4B8C-8831-6E58406565FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*", "matchCriteriaId": "67960FB9-13D1-4DEE-8158-31BF31BCBE6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "2C9E2D37-9F56-49E0-BB28-56FB755CE078", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB54B753-F066-4387-B0C3-43E647A42EBE", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DBE3B60-DED8-4F47-A60F-410ECB873BAE", "versionEndExcluding": "xcp_1121", "versionStartIncluding": "xcp", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1846C0CA-AE13-435F-BF91-EEE0CC311DD5", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BBD38A2-1B17-4B28-9FE1-6D62A6337C12", "versionEndExcluding": "xcp_1121", "versionStartIncluding": "xcp", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2EDCD99-9677-45A7-9221-3A6A41917A7C", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5884F45B-F822-46B9-A0DC-6B59A3C3E7E0", "versionEndExcluding": "xcp_1121", "versionStartIncluding": "xcp", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "9581ABD4-5ED6-4EC5-8A0B-1D7A449C10D5", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9ED7A13F-9510-4FA0-96A6-D2D34D49545F", "versionEndExcluding": "xcp_1121", "versionStartIncluding": "xcp", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C4C1EC1-19BE-4E1E-8F56-47A83AD0410D", "versionEndExcluding": "xcp_1121", "versionStartIncluding": "xcp", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A2CEAD6-9F8C-411C-9107-BA858CB8A31B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "075D228F-B3F3-44A0-9C93-510E2EF7BE16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F66D29E-0B7F-45D3-BECC-21952F4A4850", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA0AE74D-A6FC-44A1-80D4-CB5039FD31AC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:e9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "741F1B4C-D77D-416F-B6D9-0359F391D96F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "929D8B7A-4535-49EA-9DD6-AB83174337AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7AAE27E-EB13-43E2-A7F4-7973977AD936", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E00020C-C1FB-425B-B285-BCF7450F76B0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*", "matchCriteriaId": "B196FDFF-8A1D-4E7D-895A-1D09ADACC396", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "47CA0343-7F2A-45BE-B7A2-8F91F31C0912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E675B6C-C847-486F-8946-F98E271E1DC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "45D279CD-1344-4200-B4DF-303739323D19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEC54023-CF84-4095-A3E8-2D6E334768E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D5F81B5-BD6E-4B10-8EB9-AE0929E3DCE6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_cse:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E9846D2-4A8C-421E-8FE0-F6091DD2B30E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2453CC3-FDD3-4C42-9D17-C231DA2D1F41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*", "matchCriteriaId": "675CCB4F-BB76-45DC-9E6E-3BD279995084", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBD74E7B-DB83-44DF-9A0B-D2EFF346855A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_s2600t:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FFC0113-86D7-45B1-975F-B24AF1951C4A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E3E931B-BD89-48D1-BE5F-0BDBF78914C0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_s5500t:-:*:*:*:*:*:*:*", "matchCriteriaId": "F36770F0-2E40-42FF-BD7B-7AE2C84E62A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "63E1D8ED-A4EC-46B4-A0C0-8F46262F1D2F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_s5600t:-:*:*:*:*:*:*:*", "matchCriteriaId": "6830C365-357D-41A3-8AA7-3B4854260762", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A307235-4B7B-40EE-807A-9C8FFD8DF72C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_s5800t:-:*:*:*:*:*:*:*", "matchCriteriaId": "866A8777-DB2A-4915-8DA6-1AF751742354", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "488319BB-6D39-4AA5-85A8-840EF46227F4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_s6800t:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1F50E5B-8733-43AB-B6CF-66AC7305E2DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BC3C090-EB04-4A0D-8644-51002CF2ABF5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:oceanstor_vis6600t:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D0988C3-BAE5-4B5A-92FC-9D275B4DE9F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E756FE8-F106-4BFD-B33B-CC198363D2FD", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F01C05D-6937-4FAD-A0E1-6168EE1D7CE4", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF102265-497A-4766-80C8-323D511B4EAF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF102265-497A-4766-80C8-323D511B4EAF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A3C463F-2C0B-4269-95ED-A578C01E0F55", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2A9F6EB-8B6E-465C-B441-C4861771861E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A3C463F-2C0B-4269-95ED-A578C01E0F55", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2A9F6EB-8B6E-465C-B441-C4861771861E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89D69269-4251-4CE9-AD67-4968A917C1E0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89D69269-4251-4CE9-AD67-4968A917C1E0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "540F0482-7F5E-4688-B282-97A6576E0A6D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s3700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "789A2B2D-99B1-4AA5-BB39-65D58D8B59B0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7F84390-E120-406B-967D-B473EB110EA9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700ei_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9FD39BD-0D24-4C1E-969C-C9509AE8A0D8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700ei:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B0BE6C3-1FB2-4718-AA9D-1A8D8663C195", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700hi_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "409A4E21-B8D8-445F-A9C4-3CDA73189CA9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700hi:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED775342-B93C-4DF9-BC62-B6BE549F1B29", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700si_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "31FB20E5-4830-411C-AE4B-6B2E180C0972", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700si:-:*:*:*:*:*:*:*", "matchCriteriaId": "24C4DC87-DE8C-461F-A555-F6E9A71C1C48", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5710ei_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "95E7ABCB-D0C0-4C18-A7AC-8C1EBD5E4E87", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5710ei:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2D59F3D-CC4A-4ADD-B83C-5CE3F0546622", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5710hi_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "065508F6-D026-4C99-B6F9-AE25CB1124D3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5710hi:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DFF0F26-CDF2-49B0-AED7-EEA4B9E99E8C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s6700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "86E35CBD-4488-4E64-BEA2-A2E89A4BB9E2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0C6E3C4-5677-49B6-9D35-FAC2E550F311", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7859972-B7B8-4619-AAED-22B6B14852BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1755FB01-C830-4147-B0BF-7D422A7D2181", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*", "matchCriteriaId": "21B89917-2B3D-4BA5-8836-ADEECF46E976", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DF808C1-3081-4FC7-8661-FBF6A04761B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*", "matchCriteriaId": "86FFC3BE-77A0-4202-9AE0-06D8D67F6539", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A960DA7-8B35-43B3-B15F-F3F7E14BF308", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB64BC36-693E-4101-9C13-4A4C572A4EDE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0C6E3C4-5677-49B6-9D35-FAC2E550F311", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7859972-B7B8-4619-AAED-22B6B14852BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1755FB01-C830-4147-B0BF-7D422A7D2181", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*", "matchCriteriaId": "21B89917-2B3D-4BA5-8836-ADEECF46E976", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DF808C1-3081-4FC7-8661-FBF6A04761B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*", "matchCriteriaId": "86FFC3BE-77A0-4202-9AE0-06D8D67F6539", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A960DA7-8B35-43B3-B15F-F3F7E14BF308", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB64BC36-693E-4101-9C13-4A4C572A4EDE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5720ei_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A799E13-49E1-4CFB-BB7D-5E528C7E0FE3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5720ei:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7B06975-BD37-452D-9782-B768610D3777", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te60_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D65BF93A-9246-48CB-8510-F6B0380F48D9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*", "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "0A0D7527-BCA2-4CF5-A793-1C01F6570679", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "95CA0A4C-2571-4593-A075-9A6A7EABBB33", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:*", "matchCriteriaId": "16D46E9E-7F34-49C4-B56F-9090157FAD6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:*", "matchCriteriaId": "8D6E37DD-6CEA-443A-80C2-79E28C78D7CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:*", "matchCriteriaId": "BE1A9027-21FC-45E0-98B2-BFB8B5BE484D", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:*", "matchCriteriaId": "EC8620BB-7730-4C8F-8B4B-21389636B3C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:*", "matchCriteriaId": "D971D78C-A6F3-438D-A292-54A9A226FFE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:*", "matchCriteriaId": "648D923E-BF31-4DF4-B160-66874A8E45AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "23F3243D-14BB-45F4-BBF6-DD45B8729B6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "97449883-5401-42C0-8FF1-6A5BEC7BC829", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "2B2DDB90-C6A1-4EE5-96F2-F0A33B2F79A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E43C2590-059B-43BE-BFD1-7B0D1020D324", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "379CF92E-AFD1-4744-AC07-6A495548F121", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."}, {"lang": "es", "value": "El algoritmo RC4, utilizado en el protocolo TLS y el protocolo SSL, no combina correctamente los datos de estados con los datos de claves durante la fase de inicializaci\u00f3n, lo que facilita a atacantes remotos realizar ataques de recuperaci\u00f3n de texto claro contra los bytes iniciales de un flujo mediante la captura de trafico de la red que ocasionalmente depende de claves afectadas por la debilidad de la invariabilidad (Invariance Weakness), y posteriormente utilizar un acercamiento de fuerza bruta que involucra valores LSB, tambi\u00e9n conocido como el problema de 'Bar Mitzvah'."}], "id": "CVE-2015-2808", "lastModified": "2023-09-07T17:15:37.500", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-01T02:00:35.097", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143456209711959&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143629696317098&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143741441012338&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143817021313142&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143817899717054&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=143818140118771&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144059660127919&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144059703728085&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144060576831314&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144060606031437&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144069189622016&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144102017024820&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144104533800819&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144104565600964&w=2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2015/dsa-3316"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2015/dsa-3339"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/73684"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91787"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032599"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032600"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032707"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032708"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032734"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032788"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032858"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032868"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032910"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032990"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033071"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033072"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033386"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033415"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033431"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033432"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033737"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033769"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1036222"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2696-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2706-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://kb.juniper.net/JSA10783"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10163"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201512-10"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"}, {"source": "cve@mitre.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"}, {"source": "cve@mitre.org", "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1242", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:5", "package": "java-1.7.0-oracle-1:1.7.0.85-1jpp.1.el5_11", "product_name": "Oracle Java for Red Hat Enterprise Linux 5", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1243", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:5", "package": "java-1.6.0-sun-1:1.6.0.101-1jpp.1.el5_11", "product_name": "Oracle Java for Red Hat Enterprise Linux 5", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1241", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6", "package": "java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el6_6", "product_name": "Oracle Java for Red Hat Enterprise Linux 6", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1242", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6", "package": "java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el6_6", "product_name": "Oracle Java for Red Hat Enterprise Linux 6", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1243", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6", "package": "java-1.6.0-sun-1:1.6.0.101-1jpp.1.el6_6", "product_name": "Oracle Java for Red Hat Enterprise Linux 6", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1241", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7", "package": "java-1.8.0-oracle-1:1.8.0.51-1jpp.2.el7_1", "product_name": "Oracle Java for Red Hat Enterprise Linux 7", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1242", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7", "package": "java-1.7.0-oracle-1:1.7.0.85-1jpp.2.el7_1", "product_name": "Oracle Java for Red Hat Enterprise Linux 7", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1243", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7", "package": "java-1.6.0-sun-1:1.6.0.101-1jpp.1.el7_1", "product_name": "Oracle Java for Red Hat Enterprise Linux 7", "release_date": "2015-07-17T00:00:00Z"}, {"advisory": "RHSA-2015:1230", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2015-07-15T00:00:00Z"}, {"advisory": "RHSA-2015:1526", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2015-07-30T00:00:00Z"}, {"advisory": "RHSA-2015:1006", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el5", "product_name": "Red Hat Enterprise Linux 5 Supplementary", "release_date": "2015-05-13T00:00:00Z"}, {"advisory": "RHSA-2015:1007", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5", "product_name": "Red Hat Enterprise Linux 5 Supplementary", "release_date": "2015-05-13T00:00:00Z"}, {"advisory": "RHSA-2015:1021", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el5", "product_name": "Red Hat Enterprise Linux 5 Supplementary", "release_date": "2015-05-20T00:00:00Z"}, {"advisory": "RHSA-2015:1228", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "java-1.8.0-openjdk-1:1.8.0.51-0.b16.el6_6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-15T00:00:00Z"}, {"advisory": "RHSA-2015:1229", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "java-1.7.0-openjdk-1:1.7.0.85-2.6.1.3.el6_6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-15T00:00:00Z"}, {"advisory": "RHSA-2015:1526", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-30T00:00:00Z"}, {"advisory": "RHSA-2015:1228", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "java-1.8.0-openjdk-1:1.8.0.51-1.b16.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-07-15T00:00:00Z"}, {"advisory": "RHSA-2015:1229", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "java-1.7.0-openjdk-1:1.7.0.85-2.6.1.2.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-07-15T00:00:00Z"}, {"advisory": "RHSA-2015:1526", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "java-1.6.0-openjdk-1:1.6.0.36-1.13.8.1.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-07-30T00:00:00Z"}, {"advisory": "RHSA-2015:1091", "cpe": "cpe:/a:redhat:network_satellite:5.6::el5", "package": "java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el5", "product_name": "Red Hat Satellite 5.6", "release_date": "2015-06-11T00:00:00Z"}, {"advisory": "RHSA-2015:1091", "cpe": "cpe:/a:redhat:network_satellite:5.7::el6", "package": "java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6", "product_name": "Red Hat Satellite 5.7", "release_date": "2015-06-11T00:00:00Z"}, {"advisory": "RHSA-2015:1006", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2015-05-13T00:00:00Z"}, {"advisory": "RHSA-2015:1020", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2015-05-20T00:00:00Z"}, {"advisory": "RHSA-2015:1021", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2015-05-20T00:00:00Z"}, {"advisory": "RHSA-2015:1020", "cpe": "cpe:/a:redhat:rhel_extras:7", "package": "java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1", "product_name": "Supplementary for Red Hat Enterprise Linux 7", "release_date": "2015-05-20T00:00:00Z"}], "bugzilla": {"description": "SSL/TLS: \"Invariance Weakness\" vulnerability in RC4 stream cipher", "id": "1207101", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207101"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "details": ["The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."], "name": "CVE-2015-2808", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "nss", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "nss", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "nss", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2015-03-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-2808\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-2808\nhttp://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf"], "statement": "This flaw is related to the design of the RC4 protocol and not its implementation. Therefore there are no plans to correct this issue in Red Hat Enterprise Linux 5, 6 and 7. Future updates may disable the use of RC4 in various components.", "threat_severity": "Moderate"}