U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2013-2566

Change History

Modified Analysis 11/23/2020 2:48:41 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
     OR
          cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
     OR
          cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp2280
     OR
          cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
     OR
          cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
     OR
          cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
     OR
          cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
     OR
          cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121
     OR
          cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to (excluding) 25.0.1
     *cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* versions up to (excluding) 17.0.11
     *cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* versions from (including) 24.1.0 up to (excluding) 24.1.1
     *cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* versions up to (excluding) 2.22.1
     *cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* versions up to (excluding) 24.1.1
     *cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:* versions up to (excluding) 17.0.11
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:* versions up to (including) 1121
OR
     *cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.9.1
     *cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*
     *cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.2.11
     *cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (including) 4.0.4
Removed CPE Configuration
OR
     *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
     *cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
     *cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:*
     *cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
     *cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
     *cpe:2.3:a:jboss:jboss_enterprise_application_server:*:*:*:*:*:*:*:*
     *cpe:2.3:a:microsoft:iis:*:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:glassfish:*:*:*:*:*:*:*:*
     *cpe:2.3:a:sun:glassfish_enterprise_server:*:*:*:*:*:*:*:*

								
						
Added CWE

								
							
							
						
NIST CWE-326
Removed CWE
NIST CWE-310

								
						
Removed Evaluator Description
The vulnerability is in the protocols and the vulnerable configurations contain a non-exhaustive list of products which likely use the protocols described in this vulnerability.

								
						
Changed Reference Type
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html No Types Assigned
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html Third Party Advisory
Changed Reference Type
http://cr.yp.to/talks/2013.03.12/slides.pdf No Types Assigned
http://cr.yp.to/talks/2013.03.12/slides.pdf Third Party Advisory
Changed Reference Type
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 No Types Assigned
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 Third Party Advisory
Changed Reference Type
http://marc.info/?l=bugtraq&m=143039468003789&w=2 No Types Assigned
http://marc.info/?l=bugtraq&m=143039468003789&w=2 Issue Tracking, Third Party Advisory
Changed Reference Type
http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4 No Types Assigned
http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4 Third Party Advisory
Changed Reference Type
http://security.gentoo.org/glsa/glsa-201406-19.xml No Types Assigned
http://security.gentoo.org/glsa/glsa-201406-19.xml Third Party Advisory
Changed Reference Type
http://www.isg.rhul.ac.uk/tls/ No Types Assigned
http://www.isg.rhul.ac.uk/tls/ Third Party Advisory
Changed Reference Type
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html No Types Assigned
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html Third Party Advisory
Changed Reference Type
http://www.opera.com/docs/changelogs/unified/1215/ No Types Assigned
http://www.opera.com/docs/changelogs/unified/1215/ Third Party Advisory
Changed Reference Type
http://www.opera.com/security/advisory/1046 No Types Assigned
http://www.opera.com/security/advisory/1046 Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/58796 No Types Assigned
http://www.securityfocus.com/bid/58796 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/USN-2031-1 No Types Assigned
http://www.ubuntu.com/usn/USN-2031-1 Third Party Advisory
Changed Reference Type
http://www.ubuntu.com/usn/USN-2032-1 No Types Assigned
http://www.ubuntu.com/usn/USN-2032-1 Third Party Advisory
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 Third Party Advisory
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 Third Party Advisory
Changed Reference Type
https://security.gentoo.org/glsa/201504-01 No Types Assigned
https://security.gentoo.org/glsa/201504-01 Third Party Advisory