NVD

Vulnerability Change Records for CVE-2019-1559

Change History

Modified Analysis 3/01/2019 2:6:10 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:9.0:::::::
Changed	Reference Type	https://www.debian.org/security/2019/dsa-4400 No Types Assigned	https://www.debian.org/security/2019/dsa-4400 Third Party Advisory

CVE Modified by OpenSSL Software Foundation 4/23/2019 3:32:46 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/06/2019 1:15:44 PM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2019:2304 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 9/24/2019 11:15:11 PM

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/15/2019 12:29:01 AM

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2019-03 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 1/15/2020 3:15:23 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujan2020.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/21/2019 8:29:00 PM

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/08/2019 6:29:06 AM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20190301-0001/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/12/2019 10:15:13 AM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2019:2437 [No Types Assigned]
Added	Reference		https://access.redhat.com/errata/RHSA-2019:2439 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/15/2019 5:29:00 AM

Action	Type	Old Value	New Value
Added	Reference		https://kc.mcafee.com/corporate/index?page=content&id=SB10282 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/13/2019 2:15:13 PM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2019:2471 [No Types Assigned]

Reanalysis 2/28/2019 5:26:29 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::

CVE Modified by OpenSSL Software Foundation 1/20/2021 10:15:30 AM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujan2021.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/23/2019 7:15:36 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/23/2019 5:29:05 AM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20190423-0002/ [No Types Assigned]

Modified Analysis 3/28/2019 8:42:09 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.4.0::::::: cpe:2.3:a:f5:traffix_signaling_delivery_controller::::::::* versions from (including) 5.0.0 up to (including) 5.1.0
Added	CPE Configuration		OR cpe:2.3:a:tenable:nessus::::::::* versions up to (including) 8.2.3
Added	CPE Configuration		OR cpe:2.3:o:opensuse:leap:42.3:::::::
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html Third Party Advisory
Changed	Reference Type	https://support.f5.com/csp/article/K18549143 No Types Assigned	https://support.f5.com/csp/article/K18549143 Third Party Advisory
Changed	Reference Type	https://www.tenable.com/security/tns-2019-02 No Types Assigned	https://www.tenable.com/security/tns-2019-02 Patch, Third Party Advisory

CVE Modified by OpenSSL Software Foundation 3/26/2019 8:29:01 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2019-02 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/21/2019 12:1:03 PM

Action	Type	Old Value	New Value
Added	Reference		https://support.f5.com/csp/article/K18549143 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/02/2019 6:29:03 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html [No Types Assigned]

CWE Remap 8/24/2020 1:37:01 PM

Action	Type	Old Value	New Value
Changed	CWE	CWE-200	CWE-203

CVE Modified by OpenSSL Software Foundation 4/08/2019 11:29:01 AM

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 2/28/2019 6:29:00 AM

Action	Type	Old Value	New Value
Added	Reference		http://www.securityfocus.com/bid/107174 [No Types Assigned]
Added	Reference		https://usn.ubuntu.com/3899-1/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/04/2019 6:29:00 AM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20190301-0002/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/14/2019 6:29:17 AM

Action	Type	Old Value	New Value
Added	Reference		https://security.gentoo.org/glsa/201903-10 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 11/20/2019 3:15:12 PM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2019:3929 [No Types Assigned]
Added	Reference		https://access.redhat.com/errata/RHSA-2019:3931 [No Types Assigned]

Modified Analysis 3/18/2019 11:14:53 AM

Action

Type

Old Value

New Value

Changed

CPE Configuration

OR
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (including) 9.0.4

OR
     *cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
     *cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (including) 9.0.4

Changed

Reference Type

https://security.gentoo.org/glsa/201903-10 No Types Assigned

https://security.gentoo.org/glsa/201903-10 Third Party Advisory

Changed

Reference Type

https://security.netapp.com/advisory/ntap-20190301-0001/ No Types Assigned

https://security.netapp.com/advisory/ntap-20190301-0001/ Patch, Third Party Advisory

CVE Modified by OpenSSL Software Foundation 10/09/2019 4:15:24 PM

Action	Type	Old Value	New Value
Added	Reference		https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/27/2019 8:15:11 AM

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/28/2019 6:29:00 PM

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/02/2019 2:30:21 PM

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/22/2020 1:15:12 PM

Action	Type	Old Value	New Value
Added	Reference		https://usn.ubuntu.com/4376-2/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 9/20/2019 10:15:11 PM

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 10/16/2019 2:15:26 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html [No Types Assigned]

Modified Analysis 3/04/2019 10:40:56 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:netapp:oncommand_unified_manager:-::::::: cpe:2.3:a:netapp:oncommand_workflow_automation:-::::::: cpe:2.3:a:netapp:ontap_select_deploy:-::::::: cpe:2.3:a:netapp:snapdrive:-:::::unix::* cpe:2.3:a:netapp:storagegrid:-::::::: cpe:2.3:a:netapp:storagegrid::::::::* versions from (including) 9.0.0 up to (including) 9.0.4
Changed	CPE Configuration	OR cpe:2.3:o:debian:debian_linux:9.0:::::::	OR cpe:2.3:o:debian:debian_linux:8.0::::::: cpe:2.3:o:debian:debian_linux:9.0:::::::
Changed	Reference Type	https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html No Types Assigned	https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html Mailing List, Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20190301-0002/ No Types Assigned	https://security.netapp.com/advisory/ntap-20190301-0002/ Third Party Advisory

CVE Modified by OpenSSL Software Foundation 3/01/2019 6:29:08 AM

Action	Type	Old Value	New Value
Added	Reference		https://www.debian.org/security/2019/dsa-4400 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 9/26/2019 12:15:17 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No Types Assigned]

Initial Analysis 2/28/2019 12:8:57 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:openssl:openssl::::::::* versions from (including) 1.0.2 up to (including) 1.0.2q
Added	CVSS V2		(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Added	CVSS V3		AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Added	CWE		CWE-200
Changed	Reference Type	http://www.securityfocus.com/bid/107174 No Types Assigned	http://www.securityfocus.com/bid/107174 Third Party Advisory, VDB Entry
Changed	Reference Type	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e No Types Assigned	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Patch, Third Party Advisory
Changed	Reference Type	https://usn.ubuntu.com/3899-1/ No Types Assigned	https://usn.ubuntu.com/3899-1/ Third Party Advisory
Changed	Reference Type	https://www.openssl.org/news/secadv/20190226.txt No Types Assigned	https://www.openssl.org/news/secadv/20190226.txt Vendor Advisory

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Vulnerability Change Records for CVE-2019-1559

Change History

Modified Analysis 3/01/2019 2:6:10 PM

CVE Modified by OpenSSL Software Foundation 4/23/2019 3:32:46 PM

CVE Modified by OpenSSL Software Foundation 8/06/2019 1:15:44 PM

CVE Modified by OpenSSL Software Foundation 9/24/2019 11:15:11 PM

CVE Modified by OpenSSL Software Foundation 5/15/2019 12:29:01 AM

CVE Modified by OpenSSL Software Foundation 1/15/2020 3:15:23 PM

CVE Modified by OpenSSL Software Foundation 5/21/2019 8:29:00 PM

CVE Modified by OpenSSL Software Foundation 3/08/2019 6:29:06 AM

CVE Modified by OpenSSL Software Foundation 8/12/2019 10:15:13 AM

CVE Modified by OpenSSL Software Foundation 5/15/2019 5:29:00 AM

CVE Modified by OpenSSL Software Foundation 8/13/2019 2:15:13 PM

Reanalysis 2/28/2019 5:26:29 PM

CVE Modified by OpenSSL Software Foundation 1/20/2021 10:15:30 AM

CVE Modified by OpenSSL Software Foundation 7/23/2019 7:15:36 PM

CVE Modified by OpenSSL Software Foundation 4/23/2019 5:29:05 AM

Modified Analysis 3/28/2019 8:42:09 PM

CVE Modified by OpenSSL Software Foundation 3/26/2019 8:29:01 PM

CVE Modified by OpenSSL Software Foundation 3/21/2019 12:1:03 PM

CVE Modified by OpenSSL Software Foundation 3/02/2019 6:29:03 AM

CWE Remap 8/24/2020 1:37:01 PM

CVE Modified by OpenSSL Software Foundation 4/08/2019 11:29:01 AM

CVE Modified by OpenSSL Software Foundation 2/28/2019 6:29:00 AM

CVE Modified by OpenSSL Software Foundation 3/04/2019 6:29:00 AM

CVE Modified by OpenSSL Software Foundation 3/14/2019 6:29:17 AM

CVE Modified by OpenSSL Software Foundation 11/20/2019 3:15:12 PM

Modified Analysis 3/18/2019 11:14:53 AM

CVE Modified by OpenSSL Software Foundation 10/09/2019 4:15:24 PM

CVE Modified by OpenSSL Software Foundation 6/27/2019 8:15:11 AM

CVE Modified by OpenSSL Software Foundation 3/28/2019 6:29:00 PM

CVE Modified by OpenSSL Software Foundation 4/02/2019 2:30:21 PM

CVE Modified by OpenSSL Software Foundation 7/22/2020 1:15:12 PM

CVE Modified by OpenSSL Software Foundation 9/20/2019 10:15:11 PM

CVE Modified by OpenSSL Software Foundation 10/16/2019 2:15:26 PM

Modified Analysis 3/04/2019 10:40:56 AM

CVE Modified by OpenSSL Software Foundation 3/01/2019 6:29:08 AM

CVE Modified by OpenSSL Software Foundation 9/26/2019 12:15:17 AM

Initial Analysis 2/28/2019 12:8:57 PM