Vulnerability Change Records for CVE-2019-1559

Change History

CVE Modified by OpenSSL Software Foundation 10/09/2019 4:15:24 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/04/2019 6:29:00 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20190301-0002/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/02/2019 6:29:03 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html [No Types Assigned]

Modified Analysis 3/28/2019 8:42:09 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:* versions from (including) 5.0.0 up to (including) 5.1.0
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:* versions up to (including) 8.2.3
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html Third Party Advisory
Changed Reference Type
https://support.f5.com/csp/article/K18549143 No Types Assigned
https://support.f5.com/csp/article/K18549143 Third Party Advisory
Changed Reference Type
https://www.tenable.com/security/tns-2019-02 No Types Assigned
https://www.tenable.com/security/tns-2019-02 Patch, Third Party Advisory

CVE Modified by OpenSSL Software Foundation 9/20/2019 10:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No Types Assigned]

Modified Analysis 4/25/2019 8:24:22 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
     *cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (including) 9.0.4
OR
     *cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
     *cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (including) 9.0.4
Changed CPE Configuration
OR
     *cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html Mailing List, Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20190423-0002/ No Types Assigned
https://security.netapp.com/advisory/ntap-20190423-0002/ Third Party Advisory
Changed Reference Type
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html No Types Assigned
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Third Party Advisory

CVE Modified by OpenSSL Software Foundation 3/14/2019 6:29:17 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201903-10 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/26/2019 8:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2019-02 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/21/2019 12:1:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://support.f5.com/csp/article/K18549143 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 2/28/2019 6:29:00 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/107174 [No Types Assigned]
Added Reference

								
							
							
						
https://usn.ubuntu.com/3899-1/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/21/2019 8:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 11/20/2019 3:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:3929 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:3931 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/02/2019 2:30:21 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/12/2019 10:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:2437 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:2439 [No Types Assigned]

Modified Analysis 3/04/2019 10:40:56 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (including) 9.0.4
Changed CPE Configuration
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html Mailing List, Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20190301-0002/ No Types Assigned
https://security.netapp.com/advisory/ntap-20190301-0002/ Third Party Advisory

CVE Modified by OpenSSL Software Foundation 3/08/2019 6:29:06 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20190301-0001/ [No Types Assigned]

Initial Analysis 2/28/2019 12:8:57 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.0.2 up to (including) 1.0.2q
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Added CWE

								
							
							
						
CWE-200
Changed Reference Type
http://www.securityfocus.com/bid/107174 No Types Assigned
http://www.securityfocus.com/bid/107174 Third Party Advisory, VDB Entry
Changed Reference Type
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e No Types Assigned
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Patch, Third Party Advisory
Changed Reference Type
https://usn.ubuntu.com/3899-1/ No Types Assigned
https://usn.ubuntu.com/3899-1/ Third Party Advisory
Changed Reference Type
https://www.openssl.org/news/secadv/20190226.txt No Types Assigned
https://www.openssl.org/news/secadv/20190226.txt Vendor Advisory

CVE Modified by OpenSSL Software Foundation 5/15/2019 5:29:00 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://kc.mcafee.com/corporate/index?page=content&id=SB10282 [No Types Assigned]

CWE Remap 8/24/2020 1:37:01 PM

Action Type Old Value New Value
Changed CWE
CWE-200
CWE-203

CVE Modified by OpenSSL Software Foundation 4/23/2019 3:32:46 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html [No Types Assigned]

Reanalysis 2/28/2019 5:26:29 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

CVE Modified by OpenSSL Software Foundation 3/01/2019 6:29:08 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.debian.org/security/2019/dsa-4400 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/08/2019 11:29:01 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/22/2020 1:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://usn.ubuntu.com/4376-2/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/15/2019 12:29:01 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2019-03 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 10/16/2019 2:15:26 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html [No Types Assigned]

Modified Analysis 3/01/2019 2:6:10 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Changed Reference Type
https://www.debian.org/security/2019/dsa-4400 No Types Assigned
https://www.debian.org/security/2019/dsa-4400 Third Party Advisory

CVE Modified by OpenSSL Software Foundation 4/23/2019 5:29:05 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20190423-0002/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/06/2019 1:15:44 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:2304 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/13/2019 2:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:2471 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 9/24/2019 11:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 9/26/2019 12:15:17 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 1/15/2020 3:15:23 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/security-alerts/cpujan2020.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/23/2019 7:15:36 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/27/2019 8:15:11 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/28/2019 6:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html [No Types Assigned]