Vulnerability Change Records for CVE-2019-3696

Change History

Reanalysis 3/20/2020 10:58:40 AM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Removed CVSS V3.1
NIST AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
						

Reanalysis 3/24/2020 10:0:50 AM

Action Type Old Value New Value
Added CVSS V2

								
							
							
						
NIST (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Removed CVSS V2
NIST (AV:L/AC:L/Au:N/C:P/I:P/A:P)

								
						
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Removed CVSS V3.1
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

								
						

Initial Analysis 3/06/2020 1:0:35 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:opensuse:pcp:*:*:*:*:*:*:*:* versions up to (excluding) 3.11.9-5.8.1
     OR
          cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:*:*:*:espos:*:*:*
          cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:*:*:*:ltss:*:*:*
          cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:*:*:*
          cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:ltss:*:*
          cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:opensuse:pcp:*:*:*:*:*:*:*:* versions up to (excluding) 3.11.9-6.14.1
     OR
          cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp4:*:*:*:*:*:*
          cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:opensuse:pcp:*:*:*:*:*:*:*:* versions up to (excluding) 4.3.1-3.5.3
     OR
          cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:opensuse:pcp:*:*:*:*:*:*:*:* versions up to (excluding) 4.3.1-lp151.2.3.1
     OR
          cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-22
Changed Reference Type
https://bugzilla.suse.com/show_bug.cgi?id=1153921 No Types Assigned
https://bugzilla.suse.com/show_bug.cgi?id=1153921 Exploit, Issue Tracking, Vendor Advisory