| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
OR
cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
OR
cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
OR
cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
OR
cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
OR
cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
OR
cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
OR
cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
OR
cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
|
OR
*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to (excluding) 25.0.1
*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* versions up to (excluding) 17.0.11
*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* versions from (including) 24.1.0 up to (excluding) 24.1.1
*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* versions up to (excluding) 2.22.1
*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* versions up to (excluding) 24.1.1
*cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:* versions up to (excluding) 17.0.11
|
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
|
| Changed |
CPE Configuration |
OR
*cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:* versions up to (including) 1121
|
OR
*cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.9.1
*cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*
*cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.2.11
*cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (including) 4.0.4
|
| Removed |
CPE Configuration |
OR
*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
*cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
*cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:*
*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
*cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*
|
|
| Removed |
CPE Configuration |
OR
*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
*cpe:2.3:a:jboss:jboss_enterprise_application_server:*:*:*:*:*:*:*:*
*cpe:2.3:a:microsoft:iis:*:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:glassfish:*:*:*:*:*:*:*:*
*cpe:2.3:a:sun:glassfish_enterprise_server:*:*:*:*:*:*:*:*
|
|
| Added |
CWE |
|
NIST CWE-326
|
| Removed |
CWE |
NIST CWE-310
|
|
| Removed |
Evaluator Description |
The vulnerability is in the protocols and the vulnerable configurations contain a non-exhaustive list of products which likely use the protocols described in this vulnerability.
|
|
| Changed |
Reference Type |
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html No Types Assigned
|
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html Third Party Advisory
|
| Changed |
Reference Type |
http://cr.yp.to/talks/2013.03.12/slides.pdf No Types Assigned
|
http://cr.yp.to/talks/2013.03.12/slides.pdf Third Party Advisory
|
| Changed |
Reference Type |
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 No Types Assigned
|
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 Third Party Advisory
|
| Changed |
Reference Type |
http://marc.info/?l=bugtraq&m=143039468003789&w=2 No Types Assigned
|
http://marc.info/?l=bugtraq&m=143039468003789&w=2 Issue Tracking, Third Party Advisory
|
| Changed |
Reference Type |
http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4 No Types Assigned
|
http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4 Third Party Advisory
|
| Changed |
Reference Type |
http://security.gentoo.org/glsa/glsa-201406-19.xml No Types Assigned
|
http://security.gentoo.org/glsa/glsa-201406-19.xml Third Party Advisory
|
| Changed |
Reference Type |
http://www.isg.rhul.ac.uk/tls/ No Types Assigned
|
http://www.isg.rhul.ac.uk/tls/ Third Party Advisory
|
| Changed |
Reference Type |
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html No Types Assigned
|
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.opera.com/docs/changelogs/unified/1215/ No Types Assigned
|
http://www.opera.com/docs/changelogs/unified/1215/ Third Party Advisory
|
| Changed |
Reference Type |
http://www.opera.com/security/advisory/1046 No Types Assigned
|
http://www.opera.com/security/advisory/1046 Third Party Advisory
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html No Types Assigned
|
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html No Types Assigned
|
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html No Types Assigned
|
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html No Types Assigned
|
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned
|
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory
|
| Changed |
Reference Type |
http://www.securityfocus.com/bid/58796 No Types Assigned
|
http://www.securityfocus.com/bid/58796 Third Party Advisory, VDB Entry
|
| Changed |
Reference Type |
http://www.ubuntu.com/usn/USN-2031-1 No Types Assigned
|
http://www.ubuntu.com/usn/USN-2031-1 Third Party Advisory
|
| Changed |
Reference Type |
http://www.ubuntu.com/usn/USN-2032-1 No Types Assigned
|
http://www.ubuntu.com/usn/USN-2032-1 Third Party Advisory
|
| Changed |
Reference Type |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 No Types Assigned
|
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 Third Party Advisory
|
| Changed |
Reference Type |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 No Types Assigned
|
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 Third Party Advisory
|
| Changed |
Reference Type |
https://security.gentoo.org/glsa/201504-01 No Types Assigned
|
https://security.gentoo.org/glsa/201504-01 Third Party Advisory
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
