This Integration is part of the Qualys Pack.

Supported versions

Supported Cortex XSOAR versions: 5.5.0 and later.

Qualys VMDR lets you create, run, fetch and manage reports, launch and manage vulnerability and compliance scans, and manage the host assets you want to scan for vulnerabilities and compliance. This integration was integrated and tested with version 2.0 of QualysVulnerabilityManagement

Changes compared to V1

Changes in commands

1. qualys-vm-scan-launch command - Added new parameters and outputs.
2. qualys-ip-add - Added new parameters and outputs.
3. qualys-ip-update - Added new parameters and changed existing parameters, added new outputs.
4. qualys-virtual-host-manage - Added new parameters and outputs.
5. qualys-host-excluded-manage - Changed existing parameters, added new outputs.
6. qualys-vulnerability-list - Added new parameters, added new outputs.
7. qualys-vm-scan-fetch - Added new parameters, changed context paths of outputs.
8. qualys-pc-scan-fetch - Added outputs.
9. qualys-report-list - Added new parameters, changed context paths of outputs.
10. qualys-ip-list - Added new parameters, changed context paths of outputs.
11. qualys-vm-scan-list - Removed context paths.
12. qualys-scap-scan-list - Added new parameters, changed existing parameters, changed context paths.
13. qualys-ip-restricted-list - New command.
14. qualys-host-excluded-list - Added new parameters, added new outputs.
15. qualys-report-fetch - Added new parameters, added new outputs.
16. qualys-report-cancel - Added new outputs.
17. qualys-group-list - Added new parameters, changed existing parameters, changed context paths.
18. qualys-report-launch-compliance-policy - changed existing parameters.
19. qualys-report-launch-remediation - changed existing parameters.
20. qualys-report-launch-patch - changed existing parameters.
21. qualys-report-launch-compliance - changed existing parameters.
22. qualys-report-launch-scan-based-findings - changed existing parameters.
23. qualys-report-launch-host-based-findings - changed existing parameters.
24. qualys-vm-scan-action - Removed output.
25. qualys-pc-scan-list - Added new parameters, changed existing parameters, changed outputs.
26. qualys-pc-scan-launch - changed outputs.
27. qualys-pc-scan-manage - changed outputs.
28. qualys-schedule-scan-list - Added new parameters, changed outputs.
29. qualys-host-list - Added new parameters, changed existing parameters, changed outputs.
30. qualys-virtual-host-list - Added new parameters, changed outputs.
31. qualys-scheduled-report-list - Added new parameters, changed existing parameters, changed outputs.
32. qualys-report-template-list - Added new parameters, changed outputs.
33. qualys-report-launch-map - Changed existing parameters.
34. qualys-ip-restricted-manage - New command.
35. qualys-purge-scan-host-data - New command.

Playbooks

1. Vulnerability Management - Qualys (Job) - migrated to work with this new version
2. New playbook - qualys-pc-scan-launch-and-fetch
3. New playbook - qualys-report-launch-compliance-and-fetch
4. New playbook - qualys-vm-scan-launch-and-fetch.yml
5. New playbook - qualys-report-launch-scan-based-findings-and-fetch.yml
6. New playbook - qualys-scheduled-report-launch-and-fetch.yml
7. New playbook - qualys-report-launch-remediation-and-fetch.yml
8. New playbook - qualys-report-launch-patch-and-fetch.yml
9. New playbook - qualys-report-launch-map-and-fetch.yml
10. New playbook - qualys-report-launch-host-based-findings-and-fetch.yml
11. New playbook - qualys-report-launch-compliance-policy-and-fetch.yml

Configure Qualys VMDR in Cortex

1. Navigate to Settings > Integrations > Servers & Services.

2. Search for Qualys VMDR.

3. Click Add instance to create and configure a new integration instance.

   Name	Description	Required
   Server URL	When using asset-tag commands, the official documentation recommends that the SERVER URL parameter should be in the following format: https://qualysapi.<tenant>.apps.qualys.com/<end-point>.	True
   Username		True
   Trust any certificate (not secure)		False
   Use system proxy settings		False
   Fetch Events		False
   Event first fetch time	Available on Cortex XSIAM only. If "First event fetch time" is set for a long time ago, it may cause performance issues.	False
   Event Fetch Limit	Available in Cortex XSIAM only. Maximum number of events to fetch per fetch iteration.	False
   Events Fetch Interval	Available in Cortex XSIAM only.	False
   Fetch Assets and Vulnerabilities	Available in Cortex XSIAM only. Whether to fetch host list detections (assets) and vulnerabilites.	False
   Assets and Vulnerabilities Fetch Interval	Available in Cortex XSIAM only. The fetch interval for assets and vulnerabilities. It is recommended to set it to 24 hours. Interval lower then 1 hour is not supported. Default is 1 day.	False
   Fetch Vulnerabilities Behavior	Available in Cortex XSIAM only. Default is Fetch by last modified date.	False

4. Click Test to validate the URLs, token, and connection.

Notes

When configuring the integration instance, selecting the "Fetch by last modified date" option in the Fetch Vulnerabilities Behavior dropdown fetches all assets and vulnerabilities from the last 90 days.

To fetch only vulnerabilities by unique QIDs relevant to the assets regardless of the vulnerability modified time, choose the "Fetch by unique QIDs of assets" option.

Asset Tag Commands

The API endpoints in the Qualys API that can be used depend on the value of the Server URL parameter in the integration instance configuration. When using asset-tag commands, the official documentation recommends that the Server URL parameter be in the following format: https://qualysapi.<tenant>.apps.qualys.com/<end-point>.

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

qualys-ip-list

---

View a list of IP addresses in the user account.

Base Command

qualys-ip-list

Input

Argument Name	Description	Required
ips	Show only certain IP addresses/ranges.	Optional
network_id	Restrict the request to a certain custom network ID.	Optional
tracking_method	Show only IP addresses/ranges which have a certain tracking method. Possible values are: IP, DNS, NETBIOS.	Optional
compliance_enabled	Specify 1 to list compliance IP addresses in the user’s account. These hosts are assigned to the policy compliance module. Specify 0 to get host that are not assigned to the policy compliance module. Possible values are: 0, 1.	Optional
certview_enabled	(Optional) Specify 1 to list IP addresses in the user’s account assigned to the Certificate View module. Specify 0 to list IP addresses that are not assigned to the Certificate View module. Note - This option will be supported when Certificate View GA is released and is enabled for your account. Possible values are: 0, 1.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.IP.Address	unknown	IP addresses.
Qualys.IP.Range	unknown	IP range.

Command Example

!qualys-ip-list ips=1.1.1.1-1.1.1.5 compliance_enabled=1 certview_enabled=1

Context Example

{

"Qualys": {

"IP": {

"Address": [

"1.1.1.1",

"1.1.1.3"

]

}

}

}

Human Readable Output

ip
1.1.1.1
1.1.1.3

qualys-report-list

---

Get a list of generated reports in the system

Base Command

qualys-report-list

Input

Argument Name	Description	Required
id	Specify a report ID of a report that is saved in the Report Share storage space.	Optional
state	Specify reports with a certain state. Possible values are: Running, Finished, Canceled, Errors.	Optional
user_login	Specify a user login ID to get reports launched by the specified user login ID.	Optional
expires_before_datetime	Specify the date and time to get only reports that expire before it. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
client_id	(Optional) Id assigned to the client (Consultant type subscriptions).	Optional
client_name	(Optional) Name of the client (Consultant type subscriptions). Note, The client_id and client_name parameters are mutually exclusive and cannot be specified together in the same request.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.
Qualys.Report.TITLE	unknown	Report title.
Qualys.Report.TYPE	unknown	Report type.
Qualys.Report.LAUNCH_DATETIME	unknown	Date and time the report launched.
Qualys.Report.OUTPUT_FORMAT	unknown	Report output format.
Qualys.Report.SIZE	unknown	Report size.
Qualys.Report.STATUS.STATE	unknown	Report state status.
Qualys.Report.STATUS.MESSAGE	unknown	Report status message.
Qualys.Report.STATUS.PERCENT	unknown	Report status percent.
Qualys.Report.EXPIRATION_DATETIME	unknown	Report expiration datetime.

Command Example

!qualys-report-list state=Finished expires_before_datetime=2021-05-01

Human Readable Output

No items found

qualys-vm-scan-list

---

Lists vulnerability scans in the user’s account

Base Command

qualys-vm-scan-list

Input

Argument Name	Description	Required
scan_ref	Show only a scan with a certain scan reference code.	Optional
state	Show only one or more scan states.	Optional
processed	Specify 0 to show only scans that are not processed. Specify 1 to show only scans that have been processed. Possible values are: 0, 1.	Optional
type	Show only a certain scan type. Possible values are: On-Demand, Scheduled, API.	Optional
target	Show only one or more target IP addresses.	Optional
user_login	Show only a certain user login.	Optional
launched_after_datetime	Show only scans launched after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
launched_before_datetime	Show only scans launched before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
show_ags	Specify 1 to show asset group information for each scan in the output. Possible values are: 1.	Optional
show_op	Specify 1 to show option profile information for each scan in the output. Possible values are: 1.	Optional
show_status	Specify 0 to not show scan status for each scan in the output. Possible values are: 0.	Optional
show_last	Specify 1 to show only the most recent scan (which meets all other search filters in the request) in the output. Possible values are: 1.	Optional
scan_id	(Optional) Show only a scan with a certain compliance scan ID.	Optional
client_id	(Optional) Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
client_name	(Optional) Name of the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
pci_only	(Optional) Specify 1 to show only external PCI scans in the XML output. External PCI scans are vulnerability scans run with the option profile "Payment Card Industry (PCI) Options". When pci_only=1 is specified, the XML output will not include other types of scans run with other option profiles. Possible values are: 1.	Optional
ignore_target	(Optional) Specify 1 to hide target information from the scan list. Specify 0 to display the target information. Possible values are: 1, 0.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Scan.REF	unknown	Scan REF.
Qualys.Scan.TYPE	unknown	Scan type.
Qualys.Scan.TITLE	unknown	Scan title.
Qualys.Scan.LAUNCH_DATETIME	unknown	Date and time the scan launched.
Qualys.Scan.DURATION	unknown	Scan Duration.
Qualys.Scan.PROCESSING_PRIORITY	unknown	Scan Processing Priority.
Qualys.Scan.PROCESSED	unknown	Scan Processed.
Qualys.Scan.STATUS.STATE	unknown	Scan status state.
Qualys.Scan.STATUS.SUB_STATE	unknown	Scan status sub state.
Qualys.Scan.SCHEDULE	unknown	Scan Schedule.
Qualys.Scan.TARGET	unknown	Scan Target.
Qualys.Scan.ASSET_GROUP_TITLE	unknown	Target Asset Group Title.
Qualys.Scan.DEFAULT_FLAG	unknown	Scan Default Flag.
Qualys.Scan.USER_LOGIN	unknown	The user that created the scan.

Command Example

!qualys-vm-scan-list launched_before_datetime=2021-04-20 type=API processed=1 state=Finished

Context Example

{

"Qualys": {

"Scan": [

{

"DURATION": "00:25:18",

"LAUNCH_DATETIME": "2021-04-11T12:54:19Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618145659.78157",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:18",

"LAUNCH_DATETIME": "2021-04-11T12:53:44Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618145624.78156",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:36",

"LAUNCH_DATETIME": "2021-04-11T12:52:40Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618145560.78154",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:24:49",

"LAUNCH_DATETIME": "2021-04-11T12:43:03Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144983.78115",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:01",

"LAUNCH_DATETIME": "2021-04-11T12:42:22Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144942.78113",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:56",

"LAUNCH_DATETIME": "2021-04-11T12:41:31Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144892.78108",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:26:41",

"LAUNCH_DATETIME": "2021-04-11T12:41:22Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144883.78106",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:20",

"LAUNCH_DATETIME": "2021-04-11T12:40:11Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144811.78099",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:25:03",

"LAUNCH_DATETIME": "2021-04-11T12:39:05Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144745.78096",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:24:54",

"LAUNCH_DATETIME": "2021-04-11T12:33:36Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1618144416.78068",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:37:29",

"LAUNCH_DATETIME": "2021-03-16T10:19:09Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615889949.37940",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:24:23",

"LAUNCH_DATETIME": "2021-03-16T10:08:20Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615889300.37888",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:22:17",

"LAUNCH_DATETIME": "2021-03-16T10:06:17Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615889177.37862",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:21:29",

"LAUNCH_DATETIME": "2021-03-16T10:02:28Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615888948.37811",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "01:00:13",

"LAUNCH_DATETIME": "2021-03-16T10:01:37Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615888897.37791",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:21:33",

"LAUNCH_DATETIME": "2021-03-16T10:01:09Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615888869.37785",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:21:29",

"LAUNCH_DATETIME": "2021-03-16T09:59:40Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615888780.37762",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:22:04",

"LAUNCH_DATETIME": "2021-03-16T09:27:32Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615886852.37638",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:22:14",

"LAUNCH_DATETIME": "2021-03-16T09:26:31Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615886791.37632",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:21:28",

"LAUNCH_DATETIME": "2021-03-16T09:22:38Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615886558.37620",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

},

{

"DURATION": "00:19:55",

"LAUNCH_DATETIME": "2021-03-16T09:18:53Z",

"PROCESSED": "1",

"PROCESSING_PRIORITY": "0 - No Priority",

"REF": "scan/1615886333.37610",

"STATUS": {

"STATE": "Finished"

},

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"TYPE": "API",

"USER_LOGIN": "demst2nr"

}

]

}

}

Human Readable Output

Scan List

REF	TITLE	STATUS	PROCESSED	TYPE	TARGET	PROCESSING_PRIORITY	LAUNCH_DATETIME	DURATION	USER_LOGIN
scan/1618145659.78157	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:54:19Z	00:25:18	demst2nr
scan/1618145624.78156	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:53:44Z	00:25:18	demst2nr
scan/1618145560.78154	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:52:40Z	00:25:36	demst2nr
scan/1618144983.78115	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:43:03Z	00:24:49	demst2nr
scan/1618144942.78113	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:42:22Z	00:25:01	demst2nr
scan/1618144892.78108	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:41:31Z	00:25:56	demst2nr
scan/1618144883.78106	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:41:22Z	00:26:41	demst2nr
scan/1618144811.78099	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:40:11Z	00:25:20	demst2nr
scan/1618144745.78096	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:39:05Z	00:25:03	demst2nr
scan/1618144416.78068	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-04-11T12:33:36Z	00:24:54	demst2nr
scan/1615889949.37940	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:19:09Z	00:37:29	demst2nr
scan/1615889300.37888	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:08:20Z	00:24:23	demst2nr
scan/1615889177.37862	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:06:17Z	00:22:17	demst2nr
scan/1615888948.37811	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:02:28Z	00:21:29	demst2nr
scan/1615888897.37791	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:01:37Z	01:00:13	demst2nr
scan/1615888869.37785	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T10:01:09Z	00:21:33	demst2nr
scan/1615888780.37762	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T09:59:40Z	00:21:29	demst2nr
scan/1615886852.37638	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T09:27:32Z	00:22:04	demst2nr
scan/1615886791.37632	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T09:26:31Z	00:22:14	demst2nr
scan/1615886558.37620	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T09:22:38Z	00:21:28	demst2nr
scan/1615886333.37610	N/A	STATE: Finished	1	API	1.1.1.1	0 - No Priority	2021-03-16T09:18:53Z	00:19:55	demst2nr

qualys-scap-scan-list

---

Gives you a list of SCAP scans in your account

Base Command

qualys-scap-scan-list

Input

Argument Name	Description	Required
scan_ref	Show only a scan with a certain scan reference code.	Optional
state	Show only one or more scan states.	Optional
processed	Specify 0 to show only scans that are not processed. Specify 1 to show only scans that have been processed. Possible values are: 0, 1.	Optional
type	Show only a certain scan type. Possible values are: On-Demand, Scheduled, API.	Optional
target	Show only one or more target IP addresses.	Optional
user_login	Show only a certain user login.	Optional
launched_after_datetime	Show only scans launched after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
launched_before_datetime	Show only scans launched before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
show_ags	Specify 1 to show asset group information for each scan in the output. Possible values are: 1.	Optional
show_op	Specify 1 to show option profile information for each scan in the output. Possible values are: 1.	Optional
show_status	Specify 0 to not show scan status for each scan in the output. Possible values are: 0.	Optional
show_last	Specify 1 to show only the most recent scan (which meets all other search filters in the request) in the output. Possible values are: 1.	Optional
scan_id	(Optional) Show only a scan with a certain compliance scan ID.	Optional
client_id	(Optional) Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
client_name	(Optional) Name of the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
pci_only	(Optional) Specify 1 to show only external PCI scans in the XML output. External PCI scans are vulnerability scans run with the option profile "Payment Card Industry (PCI) Options". When pci_only=1 is specified, the XML output will not include other types of scans run with other option profiles. Possible values are: 1.	Optional
ignore_target	(Optional) Specify 1 to hide target information from the scan list. Specify 0 to display the target information. Possible values are: 1, 0.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.SCAP.Scan.ID	unknown	Scan ID.
Qualys.SCAP.Scan.Reference	unknown	Scan ref.
Qualys.SCAP.Scan.REF	unknown	Scan REF.
Qualys.SCAP.Scan.Type	unknown	Scan type.
Qualys.SCAP.Scan.Title	unknown	Scan title.
Qualys.SCAP.Scan.LaunchDatetime	unknown	Date and time the scan launched.
Qualys.SCAP.Scan.Duration	unknown	Scan Duration.
Qualys.SCAP.Scan.ProcessingPriority	unknown	Scan Processing Priority.
Qualys.SCAP.Scan.Processed	unknown	Scan Processed.
Qualys.SCAP.Scan.Status.State	unknown	Scan status state.
Qualys.SCAP.Scan.Status.SubState	unknown	Scan status sub state.
Qualys.SCAP.Scan.Schedule	unknown	Scan Schedule.
Qualys.SCAP.Scan.Target	unknown	Scan Target.
Qualys.SCAP.Scan.AssetGroupTitle	unknown	Target Asset Group Title.
Qualys.SCAP.Scan.DeafualtFlag	unknown	Scan Default Flag.
Qualys.SCAP.Scan.UserLogin	unknown	The user that created the scan.

Command Example

!qualys-scap-scan-list action=list

Human Readable Output

qualys-pc-scan-list

---

Get a list of compliance scans in your account.

Base Command

qualys-pc-scan-list

Input

Argument Name	Description	Required
scan_id	Scan id.	Optional
scan_ref	Scan reference.	Optional
state	Show only one or more scan states.	Optional
processed	Specify 0 to show only scans that are not processed. Specify 1 to show only scans that have been processed. Possible values are: 0, 1.	Optional
type	Show only a certain scan type.	Optional
target	Show only one or more target IP addresses.	Optional
user_login	Show only a certain user login.	Optional
launched_after_datetime	Show only scans launched after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
launched_before_datetime	Show only scans launched before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.'.	Optional
show_ags	Specify 1 to show asset group information for each scan in the output. Possible values are: 1.	Optional
show_op	Specify 1 to show option profile information for each scan in the output. Possible values are: 1.	Optional
show_status	Specify 0 to not show scan status for each scan in the output. Possible values are: 0.	Optional
show_last	Specify 1 to show only the most recent scan (which meets all other search filters in the request) in the output. Possible values are: 1.	Optional
pci_only	Specify 1 to show only external PCI scans in the XML output. External PCI scans are vulnerability scans run with the option profile "Payment Card Industry (PCI) Options". When pci_only=1 is specified, the XML output will not include other types of scans run with other option profiles. Possible values are: 1, 0.	Optional
ignore_target	Specify 1 to hide target information from the scan list. Specify 0 to display the target information. Possible values are: 1, 0.	Optional
client_id	(Optional) Id assigned to the client (Consultant type subscriptions).	Optional
client_name	(Optional) Name of the client (Consultant type subscriptions). Note, The client_id and client_name parameters are mutually exclusive and cannot be specified together in the same request.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Scan.REF	unknown	Scan REF.
Qualys.Scan.TYPE	unknown	Scan type.
Qualys.Scan.TITLE	unknown	Scan title.
Qualys.Scan.LAUNCH_DATETIME	unknown	Date and time the scan launched.
Qualys.Scan.DURATION	unknown	Scan Duration.
Qualys.Scan.PROCESSING_PRIORITY	unknown	Scan Processing Priority.
Qualys.Scan.PROCESSED	unknown	Scan Processed.
Qualys.Scan.STATUS.STATE	unknown	Scan status state.
Qualys.Scan.STATUS.SUB_STATE	unknown	Scan status sub state.
Qualys.Scan.SCHEDULE	unknown	Scan Schedule.
Qualys.Scan.TARGET	unknown	Scan Target.
Qualys.Scan.ASSET_GROUP_TITLE	unknown	Target Asset Group Title.
Qualys.Scan.DEFAULT_FLAG	unknown	Scan Default Flag.
Qualys.Scan.USER_LOGIN	unknown	The user that created the scan.

Command Example

!qualys-pc-scan-list scan_ref=compliance/1619018638.71779 processed=1 state=Finished

Human Readable Output

No items found

qualys-schedule-scan-list

---

Shows schedule scans

Base Command

qualys-schedule-scan-list

Input

Argument Name	Description	Required
id	The ID of the scan schedule you want to display.	Optional
active	Specify 1 for active schedules only, or 0 for deactivated schedules only. Possible values are: 0, 1.	Optional
show_notifications	(Optional) Specify 1 to include the notification settings for each schedule in the XML output.	Optional
scan_type	(Optional) Launch a scan with a certain type. Possible values are: certview, perimeter.	Optional
fqdn	(Optional) The target FQDN for a vulnerability scan. You must specify at least one target i.e. IPs, asset groups or FQDNs. Multiple values are comma separated.	Optional
show_cloud_details	(Optional) Set to 1 to display the cloud details (Provider, Connector, Scan Type and Cloud Target) in the XML output. Otherwise the details are not displayed in the output. The cloud details will show scan type "Cloud Perimeter" for cloud perimeter scans.	Optional
client_id	(Optional) Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
client_name	(Optional) Name of the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Scan.ID	unknown	Scan ID.
Qualys.Scan.REF	unknown	Scan REF.
Qualys.Scan.TYPE	unknown	Scan type.
Qualys.Scan.TITLE	unknown	Scan title.
Qualys.Scan.LAUNCH_DATETIME	unknown	Date and time the scan launched.
Qualys.Scan.DURATION	unknown	Scan Duration.
Qualys.Scan.PROCESSING_PRIORITY	unknown	Scan Processing Priority.
Qualys.Scan.PROCESSED	unknown	Scan Processed.
Qualys.Scan.STATUS.STATE	unknown	Scan status state.
Qualys.Scan.STATUS.SUB_STATE	unknown	Scan status sub state.
Qualys.Scan.TARGET	unknown	Scan Target.
Qualys.Scan.ASSET_GROUP_TITLE	unknown	Target Asset Group Title.
Qualys.Scan.DEFAULT_FLAG	unknown	Scan Default Flag.
Qualys.Scan.USER_LOGIN	unknown	The user that created the scan.
Qualys.Scan.ACTIVE	unknown	Scheduled scan active.
Qualys.Scan.USER_ENTERED_IPS.RANGE.START	unknown	IP range requested start.
Qualys.Scan.USER_ENTERED_IPS.RANGE.END	unknown	IP range requested end.
Qualys.Scan.ISCANNER_NAME	unknown	Iscanner name used in the scan.
Qualys.Scan.SCHEDULE.DAILY.@frequency_days	unknown	Frequency of usage of the scan.
Qualys.Scan.SCHEDULE.START_DATE_UTC	unknown	Start date of the scheduled scan in UTC format.
Qualys.Scan.SCHEDULE.START_HOUR	unknown	Start hour of the scheduled scan.
Qualys.Scan.SCHEDULE.START_MINUTE	unknown	Start minute of the scheduled scan.
Qualys.Scan.SCHEDULE.TIME_ZONE.TIME_ZONE_CODE	unknown	Time zone code of the time for the scheduled scan.
Qualys.Scan.SCHEDULE.TIME_ZONE.TIME_ZONE_DETAILS	unknown	Time zone details of the time for the scheduled scan.
Qualys.Scan.OPTION_PROFILE.DEFAULT_FLAG	unknown	Default flag of the option profile.
Qualys.Scan.OPTION_PROFILE.TITLE	unknown	Title of the option profile.
Qualys.Scan.EC2_INSTANCE.CONNECTOR_UUID	unknown	Connector UUID of EC2 instance.
Qualys.Scan.EC2_INSTANCE.EC2_ENDPOINT	unknown	Endpoint of EC2 instance.
Qualys.Scan.EC2_INSTANCE.EC2_ONLY_CLASSIC	unknown	EC2 only classic.

Command Example

!qualys-schedule-scan-list active=0 id=130694

Context Example

{

"Qualys": {

"Scan": {

"ACTIVE": "0",

"ID": "130694",

"ISCANNER_NAME": "External Scanner",

"OPTION_PROFILE": {

"DEFAULT_FLAG": "1",

"TITLE": "Initial Options"

},

"PROCESSING_PRIORITY": "0 - No Priority",

"SCHEDULE": {

"DAILY": {

"@frequency_days": "1"

},

"DST_SELECTED": "0",

"START_DATE_UTC": "2017-06-07T22:00:00Z",

"START_HOUR": "0",

"START_MINUTE": "0",

"TIME_ZONE": {

"TIME_ZONE_CODE": "BG",

"TIME_ZONE_DETAILS": "(GMT+0200) Bulgaria: Europe/Sofia"

}

},

"TARGET": "23.96.25.100",

"TITLE": "MyScan01",

"USER_ENTERED_IPS": {

"RANGE": {

"END": "23.96.25.100",

"START": "23.96.25.100"

}

},

"USER_LOGIN": "demst2nr"

}

}

}

Human Readable Output

Schedule Scan List

ACTIVE	ID	ISCANNER_NAME	OPTION_PROFILE	PROCESSING_PRIORITY	SCHEDULE	TARGET	TITLE	USER_ENTERED_IPS	USER_LOGIN
0	130694	External Scanner	TITLE: Initial Options DEFAULT_FLAG: 1	0 - No Priority	DAILY: {"@frequency_days": "1"} START_DATE_UTC: 2017-06-07T22:00:00Z START_HOUR: 0 START_MINUTE: 0 TIME_ZONE: {"TIME_ZONE_CODE": "BG", "TIME_ZONE_DETAILS": "(GMT+0200) Bulgaria: Europe/Sofia"} DST_SELECTED: 0	23.96.25.100	MyScan01	RANGE: {"START": "23.96.25.100", "END": "23.96.25.100"}	demst2nr

qualys-host-list

---

View a list of scanned hosts in the user account.

Base Command

qualys-host-list

Input

Argument Name	Description	Required
os_pattern	Show only hosts which have an operating system matching a certain regular expression. An empty value cannot be specified. Use “%5E%24” to match empty string.	Optional
truncation_limit	Specify the maximum number of host records processed per request. When not specified, the truncation limit is set to 1000 host records. You may specify a value less than the default (1-999) or greater than the default (1001-1000000).	Optional
ips	Show only certain IP addresses/ranges. One or more IPs/ranges may be specified. Multiple entries are comma separated. An IP range is specified with a hyphen (for example, 10.10.10.1-10.10.10.100).	Optional
ag_titles	Show only hosts belonging to asset groups with certain strings in the asset group title. One or more asset group titles may be specified. Multiple entries are comma separated (for example, My+First+Asset+Group,Another+Asset+Group).	Optional
ids	Show only certain host IDs/ranges. One or more host IDs/ranges may be specified. Multiple entries are comma separated. A host ID range is specified with a hyphen (for example, 190-400).Valid host IDs are required.	Optional
network_ids	(Optional, and valid only when the Network Support feature is enabled for the user’s account) Restrict the request to certain custom network IDs. Multiple network IDs are comma separated.	Optional
no_vm_scan_since	Show hosts not scanned since a certain date and time (optional). use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week. Permissions: An Auditor cannot specify this parameter.	Optional
vm_scan_since	Show hosts that were last scanned for vulnerabilities since a certain date and time (optional). Hosts that were the target of a vulnerability scan since the date/time will be shown. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week. Permissions: An Auditor cannot specify this parameter.	Optional
no_compliance_scan_since	(Optional) Show compliance hosts not scanned since a certain date and time (optional). This parameter is invalid for an Express Lite user. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
use_tags	Specify 0 (the default) if you want to select hosts based on IP addresses/ranges and/or asset groups. Specify 1 if you want to select hosts based on asset tags. Possible values are: 0, 1.	Optional
tag_set_by	(Optional when use_tags=1) Specify “id” (the default) to select a tag set by providing tag IDs. Specify “name” to select a tag set by providing tag names. Possible values are: id, name.	Optional
tag_include_selector	(Optional when use_tags=1) Select “any” (the default) to include hosts that match at least one of the selected tags. Select “all” to include hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_exclude_selector	(Optional when use_tags=1) Select “any” (the default) to exclude hosts that match at least one of the selected tags. Select “all” to exclude hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_set_include	(Optional when use_tags=1) Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	(Optional when use_tags=1) Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
show_tags	(Optional) Specify 1 to display asset tags associated with each host in the XML output. Possible values are: 0, 1.	Optional
host_metadata	Specify the name of the cloud provider to show the assets managed by the cloud provider. Valid values: ec2, google, azure.	Optional
host_metadata_fields	(Optional when host_metadata is specified) Specify metadata fields to only return data for certain attributes.	Optional
show_cloud_tags	(Optional) Specify 1 to display cloud provider tags for each scanned host asset in the output. The default value of the parameter is set to 0. When set to 0, we will not show the cloud provider tags for the scanned assets. Possible values are: 0, 1.	Optional
cloud_tag_fields	(Optional when show_cloud_tags is specified) Specify cloud tags or cloud tag and name combinations to only return information for specified cloud tags. A cloud tag name and value combination is specified with a colon (for example:SomeTag6:AY_ec2). For each cloud tag, we show the cloud tag’s name, its value, and last success date (the tag last success date/time, fetched from instance). If this parameter is not specified and "show_cloud_tags" is set to 1, we will show all the cloud provider tags for the assets.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional
details	(Optional) Show the requested amount of host information for each host. A valid value is: Basic, Basic/AGs, All, All/AGs, or None.	Optional

Context Output

Path	Type	Description
Qualys.Endpoint.ID	unknown	Endpoint ID.
Qualys.Endpoint.IP	unknown	IP.
Qualys.Endpoint.CLOUD_PROVIDER	unknown	Host's cloud provider.
Qualys.Endpoint.DNS	unknown	DNS.
Qualys.Endpoint.EC2_INSTANCE_ID	unknown	EC2 instance ID.
Qualys.Endpoint.QG_HOSTID	unknown	QG host ID.
Qualys.Endpoint.CLOUD_SERVICE	unknown	Cloud service of the endpoint.
Qualys.Endpoint.TRACKING_METHOD	unknown	Tracking method of the endpoint.
Qualys.Endpoint.CLOUD_RESOURCE_ID	unknown	Cloud resource ID of the endpoint.
Qualys.Endpoint.DNS_DATA.DOMAIN	unknown	Domain of the endpoint.
Qualys.Endpoint.DNS_DATA.HOSTNAME	unknown	Host name of the endpoint.
Qualys.Endpoint.NETBIOS	unknown	NETBIOS.
Qualys.Endpoint.OS	unknown	Endpoint operating system.

Command Example

!qualys-host-list show_tags=1 vm_scan_since=2021-04-01

Context Example

{

"Qualys": {

"Endpoint": [

{

"DNS": "one.one.one.one",

"DNS_DATA": {

"DOMAIN": "one.one.one",

"FQDN": "one.one.one.one",

"HOSTNAME": "one"

},

"ID": "143444841",

"IP": "1.1.1.1",

"OS": "Linux 3.13",

"TAGS": {

"TAG": {

"NAME": "Internet Facing Assets",

"TAG_ID": "31029217"

}

},

"TRACKING_METHOD": "IP"

},

{

"ID": "299167859",

"IP": "1.1.1.1",

"OS": "Linux 2.x",

"TAGS": {

"TAG": {

"NAME": "Internet Facing Assets",

"TAG_ID": "31029217"

}

},

"TRACKING_METHOD": "IP"

}

]

}

}

Human Readable Output

Host List

DNS	DNS_DATA	ID	IP	OS	TAGS	TRACKING_METHOD
one.one.one.one	HOSTNAME: one DOMAIN: one.one.one FQDN: one.one.one.one	143444841	1.1.1.1	Linux 3.13	TAG: {"TAG_ID": "31029217", "NAME": "Internet Facing Assets"}	IP
		299167859	1.1.1.1	Linux 2.x	TAG: {"TAG_ID": "31029217", "NAME": "Internet Facing Assets"}	IP

qualys-virtual-host-list

---

View a list of virtual hosts in the user account.

Base Command

qualys-virtual-host-list

Input

Argument Name	Description	Required
ip	Show only virtual hosts that have a certain IP address.	Optional
port	Show only virtual hosts that have a certain port.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.VirtualEndpoint.IP	unknown	IP.
Qualys.VirtualEndpoint.PORT	unknown	Port.
Qualys.VirtualEndpoint.FQDN	unknown	Fully qualified domain name.

Command Example

!qualys-virtual-host-list ip=1.1.1.1 port=1231

Context Example

{

"Qualys": {

"VirtualEndpoint": {

"FQDN": "panw.raz.com",

"IP": "1.1.1.1",

"PORT": "1231"

}

}

}

Human Readable Output

Virtual Host List

FQDN	IP	PORT
panw.raz.com	1.1.1.1	1231

qualys-virtual-host-manage

---

View a list of virtual hosts in the user account.

Base Command

qualys-virtual-host-manage

Input

Argument Name	Description	Required
action	Virtual host action to perform. Possible values are: create, update, delete, add_fqdn, delete_fqdn.	Required
ip	An IP address for the virtual host configuration.	Required
port	A port number for the virtual host configuration.	Required
network_id	Network support must be enabled to specify the network_id. If network support is enabled and you do not provide a network_id, then the Default Global Network is considered. You can specify only one network_id.	Optional
fqdn	(Required for all actions except “delete”. Invalid for “delete”.) One or more fully-qualified domain names (FQDNs) for the virtual host configuration. Multiple entries are comma separated.	Optional

Context Output

Path	Type	Description
Qualys.VirtualEndpoint.DATETIME	unknown	Date and time of the executed manage action.
Qualys.VirtualEndpoint.TEXT	unknown	Result message of the executed action.

Command Example

!qualys-virtual-host-manage action=create ip=1.1.1.1 port=1291 fqdn=qualys-test.com

Context Example

{

"Qualys": {

"VirtualEndpoint": {

"DATETIME": "2021-05-30T08:48:03Z",

"TEXT": "Virtual host successfully created."

}

}

}

Human Readable Output

DATETIME	TEXT
2021-05-30T08:48:03Z	Virtual host successfully created.

qualys-host-excluded-list

---

Show the excluded host list for the user's account. Hosts in your excluded host list will not be scanned.

Base Command

qualys-host-excluded-list

Input

Argument Name	Description	Required
ips	Get list of excluded hosts or addresses range.	Optional
network_id	(Optional, and valid only when the Network Support feature is enabled for the user’s account) Restrict the request to a certain custom network ID.	Optional
ag_ids	(Optional) Show excluded hosts belonging to asset groups with certain IDs. One or more asset group IDs and/or ranges may be specified. Multiple entries are comma separated. A range is specified with a dash (for example, 386941-386945). Valid asset group IDs are required.	Optional
ag_titles	(Optional) Show excluded hosts belonging to asset groups with certain strings in the asset group title. One or more asset group titles may be specified. Multiple entries are comma separated (for example, My+First+Asset+Group,Another+Asset+Group).	Optional
use_tags	(Optional) Specify 0 (the default) if you want to select hosts based on IP addresses/ranges and/or asset groups. Specify 1 if you want to select hosts based on asset tags. Possible values are: 0, 1.	Optional
tag_include_selector	(Optional when use_tags=1) Specify "any" (the default) to include excluded hosts that match at least one of the selected tags. Specify "all" to include excluded hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_exclude_selector	(Optional when use_tags=1) Specify "any" (the default) to ignore excluded hosts that match at least one of the selected tags. Specify "all" to ignore excluded hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_set_by	(Optional when use_tags=1) Specify "id" (the default) to select a tag set by providing tag IDs. Specify "name" to select a tag set by providing tag names. Possible values are: id, name.	Optional
tag_set_include	(Optional when use_tags=1) Specify a tag set to include. Excluded hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	(Optional when use_tags=1) Specify a tag set to exclude. Excluded hosts that match these tags will be ignored. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Excluded.Host.Address	unknown	IP Address.
Qualys.Excluded.Host.Address.#text	unknown	IP of excluded host with expiration date.
Qualys.Excluded.Host.Address.@expiration_date	unknown	Expiration date of excluded host address.
Qualys.Excluded.Host.Range.#text	unknown	Range of excluded hosts with expiration date.
Qualys.Excluded.Host.Range.@expiration_date	unknown	Expiration date of excluded hosts ranges.
Qualys.Excluded.Host.Range	unknown	Range of IP addresses.

Command Example

!qualys-host-excluded-list ips=1.1.1.1

Context Example

{

"Qualys": {

"Excluded": {

"Host": {

"Address": {

"#text": "1.1.1.1",

"@expiration_date": "2021-06-01T00:00:00Z"

}

}

}

}

}

Human Readable Output

ip
@expiration_date
#text

qualys-scheduled-report-list

---

Get list of scheduled reports

Base Command

qualys-scheduled-report-list

Input

Argument Name	Description	Required
id	Scheduled report ID.	Optional
is_active	Select is_active=1 for active or is_active=0 for inactive scheduled reports to view. Possible values are: 1, 0.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.
Qualys.Report.TITLE	unknown	Report title.
Qualys.Report.TYPE	unknown	Report type.
Qualys.Report.LAUNCH_DATETIME	unknown	Date and time the report launched.
Qualys.Report.OUTPUT_FORMAT	unknown	Report output format.
Qualys.Report.SIZE	unknown	Report size.
Qualys.Report.STATUS.STATE	unknown	Report state status.
Qualys.Report.STATUS.MESSAGE	unknown	Report status message.
Qualys.Report.STATUS.PERCENT	unknown	Report status percent.
Qualys.Report.EXPIRATION_DATETIME	unknown	Report expiration datetime.
Qualys.Report.ACTIVE	unknown	Report active.
Qualys.Report.TEMPLATE_TITLE	unknown	Title of the template.
Qualys.Report.SCHEDULE.START_DATE_UTC	unknown	Start date of the scheduled report in UTC format.
Qualys.Report.SCHEDULE.START_HOUR	unknown	Start hour of the scheduled report.
Qualys.Report.SCHEDULE.START_MINUTE	unknown	Start minute of the scheduled report.
Qualys.Report.SCHEDULE.DAILY.@frequency_days	unknown	Frequency of the scheduled report.
Qualys.Report.SCHEDULE.TIME_ZONE.TIME_ZONE_CODE	unknown	Timezone of the scheduled report.
Qualys.Report.SCHEDULE.TIME_ZONE.TIME_ZONE_DETAILS	unknown	Timezone details of the scheduled report.

Command Example

!qualys-scheduled-report-list id=8084468 is_active=1

Context Example

{

"Qualys": {

"Report": {

"ACTIVE": "1",

"ID": "8084468",

"OUTPUT_FORMAT": "PDF",

"SCHEDULE": {

"DAILY": {

"@frequency_days": "1"

},

"DST_SELECTED": "0",

"START_DATE_UTC": "2021-03-15T09:49:00Z",

"START_HOUR": "11",

"START_MINUTE": "49",

"TIME_ZONE": {

"TIME_ZONE_CODE": "IL",

"TIME_ZONE_DETAILS": "(GMT +02:00) Israel"

}

},

"TEMPLATE_TITLE": "Executive Report",

"TITLE": "Test - 20210315"

}

}

}

Human Readable Output

Scheduled Report List

ACTIVE	ID	OUTPUT_FORMAT	SCHEDULE	TEMPLATE_TITLE	TITLE
1	8084468	PDF	DAILY: {"@frequency_days": "1"} START_DATE_UTC: 2021-03-15T09:49:00Z START_HOUR: 11 START_MINUTE: 49 TIME_ZONE: {"TIME_ZONE_CODE": "IL", "TIME_ZONE_DETAILS": "(GMT +02:00) Israel"} DST_SELECTED: 0	Executive Report	Test - 20210315

qualys-report-template-list

---

get list of report template for user

Base Command

qualys-report-template-list

Input

Argument Name	Description	Required
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.ReportTemplate.ID	unknown	Report template ID.
Qualys.ReportTemplate.TYPE	unknown	Report type.
Qualys.ReportTemplate.TITLE	unknown	Report template title.
Qualys.ReportTemplate.LAST_UPDATE	unknown	Last update time.
Qualys.ReportTemplate.GLOBAL	unknown	Report template global.
Qualys.ReportTemplate.DEFAULT	unknown	Report template default.
Qualys.ReportTemplate.USER.LOGIN	unknown	Last updated user login.
Qualys.ReportTemplate.USER.FIRSTNAME	unknown	Last updated user login first name.
Qualys.ReportTemplate.USER.LASTNAME	unknown	Last updated user login last name.
Qualys.ReportTemplate.TEMPLATE_TYPE	unknown	Type of report template.

Command Example

!qualys-report-template-list

Context Example

{

"Qualys": {

"ReportTemplate": [

{

"GLOBAL": "1",

"ID": "2385938",

"LAST_UPDATE": "2021-04-08T09:50:45Z",

"TEMPLATE_TYPE": "Map",

"TITLE": "maptemptest",

"TYPE": "Manual",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "0",

"ID": "2383157",

"LAST_UPDATE": "2021-03-15T10:19:46Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Remediated Vulnerabilities Last 30 Days v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "0",

"ID": "2383160",

"LAST_UPDATE": "2021-03-15T10:38:09Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Assets at risk of Malware v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "2339987",

"LAST_UPDATE": "2020-04-07T06:14:41Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Patchable High-priority Vulnerabilities v.1 - (1)",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1977713",

"LAST_UPDATE": "2018-05-08T14:18:50Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Virtually Patchable Assets v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1977717",

"LAST_UPDATE": "2018-05-08T14:22:47Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Virtually Patchable Assets v.2",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1977716",

"LAST_UPDATE": "2018-05-08T14:20:29Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Assets with Obsolete Software v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1977714",

"LAST_UPDATE": "2018-05-08T14:19:31Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Patchable High-priority Vulnerabilities v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528875",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Patch",

"TITLE": "Qualys Patch Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528873",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Executive Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528874",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "Technical Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528876",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Scan",

"TITLE": "High Severity Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528877",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Compliance",

"TITLE": "2008 SANS Top 20 Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528878",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Compliance",

"TITLE": "Qualys Top 20 Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528879",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Compliance",

"TITLE": "Payment Card Industry (PCI) Technical Report",

"TYPE": "Manual",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528880",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Compliance",

"TITLE": "Payment Card Industry (PCI) Executive Report",

"TYPE": "Manual",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528881",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Remediation",

"TITLE": "Executive Remediation Report",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528882",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Remediation",

"TITLE": "Tickets per Vulnerability",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528883",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Remediation",

"TITLE": "Tickets per User",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528884",

"LAST_UPDATE": "2017-06-07T20:34:57Z",

"TEMPLATE_TYPE": "Remediation",

"TITLE": "Tickets per Asset Group",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "System",

"LASTNAME": "System",

"LOGIN": "System"

}

},

{

"GLOBAL": "1",

"ID": "1528886",

"LAST_UPDATE": "2017-06-07T20:35:05Z",

"TEMPLATE_TYPE": "Policy",

"TITLE": "Policy Report Template",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "1528888",

"LAST_UPDATE": "2017-06-07T20:34:58Z",

"TEMPLATE_TYPE": "Map",

"TITLE": "Unknown Device Report",

"TYPE": "Manual",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

},

{

"GLOBAL": "1",

"ID": "2389895",

"LAST_UPDATE": "2021-05-07T15:28:52Z",

"TEMPLATE_TYPE": "Patch",

"TITLE": "Critical Patches Required v.1",

"TYPE": "Auto",

"USER": {

"FIRSTNAME": "Neelima",

"LASTNAME": "Rustagi",

"LOGIN": "demst2nr"

}

}

]

}

}

Human Readable Output

Template Report List

GLOBAL	ID	LAST_UPDATE	TEMPLATE_TYPE	TITLE	TYPE	USER
1	2385938	2021-04-08T09:50:45Z	Map	maptemptest	Manual	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
0	2383157	2021-03-15T10:19:46Z	Scan	Remediated Vulnerabilities Last 30 Days v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
0	2383160	2021-03-15T10:38:09Z	Scan	Assets at risk of Malware v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	2339987	2020-04-07T06:14:41Z	Scan	Patchable High-priority Vulnerabilities v.1 - (1)	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1977713	2018-05-08T14:18:50Z	Scan	Virtually Patchable Assets v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1977717	2018-05-08T14:22:47Z	Scan	Virtually Patchable Assets v.2	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1977716	2018-05-08T14:20:29Z	Scan	Assets with Obsolete Software v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1977714	2018-05-08T14:19:31Z	Scan	Patchable High-priority Vulnerabilities v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528875	2017-06-07T20:34:57Z	Patch	Qualys Patch Report	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528873	2017-06-07T20:34:57Z	Scan	Executive Report	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528874	2017-06-07T20:34:57Z	Scan	Technical Report	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528876	2017-06-07T20:34:57Z	Scan	High Severity Report	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528877	2017-06-07T20:34:57Z	Compliance	2008 SANS Top 20 Report	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528878	2017-06-07T20:34:57Z	Compliance	Qualys Top 20 Report	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528879	2017-06-07T20:34:57Z	Compliance	Payment Card Industry (PCI) Technical Report	Manual	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528880	2017-06-07T20:34:57Z	Compliance	Payment Card Industry (PCI) Executive Report	Manual	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528881	2017-06-07T20:34:57Z	Remediation	Executive Remediation Report	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528882	2017-06-07T20:34:57Z	Remediation	Tickets per Vulnerability	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528883	2017-06-07T20:34:57Z	Remediation	Tickets per User	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528884	2017-06-07T20:34:57Z	Remediation	Tickets per Asset Group	Auto	LOGIN: System FIRSTNAME: System LASTNAME: System
1	1528886	2017-06-07T20:35:05Z	Policy	Policy Report Template	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	1528888	2017-06-07T20:34:58Z	Map	Unknown Device Report	Manual	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi
1	2389895	2021-05-07T15:28:52Z	Patch	Critical Patches Required v.1	Auto	LOGIN: demst2nr FIRSTNAME: Neelima LASTNAME: Rustagi

qualys-vulnerability-list

---

download a list of vulnerabilities from Qualys’ KnowledgeBase

Base Command

qualys-vulnerability-list

Input

Argument Name	Description	Required
details	Show the requested amount of information for each vulnerability in the XML output. A valid value is: Basic (default), All, or None. Basic includes basic elements plus CVSS Base and Temporal scores. All includes all vulnerability details, including the Basic details. Possible values are: Basic, All, None.	Optional
ids	Used to filter the XML output to include only vulnerabilities that have QID numbers matching the QID numbers you specify.	Optional
id_min	Used to filter the XML output to show only vulnerabilities that have a QID number greater than or equal to a QID number you specify.	Optional
id_max	Used to filter the XML output to show only vulnerabilities that have a QID number less than or equal to a QID number you specify.	Optional
is_patchable	Used to filter the XML output to show only vulnerabilities that are patchable or not patchable. A vulnerability is considered patchable when a patch exists for it. When 1 is specified, only vulnerabilities that are patchable will be included in the output. When 0 is specified, only vulnerabilities that are not patchable will be included in the output. When unspecified, patchable and unpatchable vulnerabilities will be included in the output. Possible values are: 0, 1.	Optional
last_modified_after	Used to filter the XML output to show only vulnerabilities last modified after a certain date and time. When specified vulnerabilities last modified by a user or by the service will be shown. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
last_modified_before	Used to filter the XML output to show only vulnerabilities last modified before a certain date and time. When specified vulnerabilities last modified by a user or by the service will be shown. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
last_modified_by_user_after	Used to filter the XML output to show only vulnerabilities last modified by a user after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
last_modified_by_user_before	Used to filter the XML output to show only vulnerabilities last modified by a user before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
last_modified_by_service_after	Used to filter the XML output to show only vulnerabilities last modified by the service after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
last_modified_by_service_before	Used to filter the XML output to show only vulnerabilities last modified by the service before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
published_after	Used to filter the XML output to show only vulnerabilities published after a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
published_before	Used to filter the XML output to show only vulnerabilities published before a certain date and time. use YYYY-MM-DD[THH:MM:SSZ] like “2007-07-01” or “2007-01-25T23:12:00Z” or today, yesterday, 24hr ago, 3 days ago, last week.	Optional
discovery_method	(Optional) Used to filter the XML output to show only vulnerabilities assigned a certain discovery method. A valid value is: Remote, Authenticated, RemoteOnly, AuthenticatedOnly, or RemoteAndAuthenticated. Possible values are: Remote, Authenticated, RemoteOnly, AuthenticatedOnly, RemoteAndAuthenticated.	Optional
discovery_auth_types	Used to filter the XML output to show only vulnerabilities having one or more authentication types. A valid value is: Windows, Oracle, Unix or SNMP. Multiple values are entered as a comma-separated list.	Optional
show_pci_reasons	Used to filter the XML output to show reasons for passing or failing PCI compliance (when the CVSS Scoring feature is turned on in the user’s subscription). Specify 1 to view the reasons in the XML output. When unspecified, the reasons are not included in the XML output. Possible values are: 0, 1.	Optional
show_supported_modules_info	Used to filter the XML output to show Qualys modules that can be used to detect each vulnerability. Specify 1 to view supported modules in the XML output. When unspecified, supported modules are not included in the XML output. Possible values are: 0, 1.	Optional
show_disabled_flag	Specify 1 to include the disabled flag for each vulnerability in the XML output. Possible values are: 0, 1.	Optional
show_qid_change_log	Specify 1 to include QID changes for each vulnerability in the XML output. Possible values are: 0, 1.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Vulnerability.List.QID	unknown	Vulnerability QID.
Qualys.Vulnerability.List.PATCHABLE	unknown	Is Vulnerability patchable.
Qualys.Vulnerability.List.SEVERITY_LEVEL	unknown	Severity level of the Vulnerability.
Qualys.Vulnerability.List.CONSEQUENCE	unknown	Consequence of the Vulnerability.
Qualys.Vulnerability.List.VENDOR_REFERENCE_LIST.VENDOR_REFERENCE.ID	unknown	ID of the vendor.
Qualys.Vulnerability.List.VENDOR_REFERENCE_LIST.VENDOR_REFERENCE.URL	unknown	URL of the vendor.
Qualys.Vulnerability.List.LAST_SERVICE_MODIFICATION_DATETIME	unknown	Date of the last service modification.
Qualys.Vulnerability.List.CVE_LIST.CVE.ID	unknown	CVE ID.
Qualys.Vulnerability.List.CVE_LIST.CVE.URL	unknown	CVE URL.
Qualys.Vulnerability.List.PUBLISHED_DATETIME	unknown	Published date.
Qualys.Vulnerability.List.DISCOVERY.ADDITIONAL_INFO	unknown	Additional info.
Qualys.Vulnerability.List.DISCOVERY.AUTH_TYPE_LIST.AUTH_TYPE	unknown	Discovery Authentication type.
Qualys.Vulnerability.List.DISCOVERY.REMOTE	unknown	Is discovery remote.
Qualys.Vulnerability.List.DIAGNOSIS	unknown	Diagnosis of vulnerability.
Qualys.Vulnerability.List.PCI_FLAG	unknown	PCI flag.
Qualys.Vulnerability.List.SOFTWARE_LIST.SOFTWARE.PRODUCT	unknown	Product name.
Qualys.Vulnerability.List.SOFTWARE_LIST.SOFTWARE.VENDOR	unknown	Vendor of the product.
Qualys.Vulnerability.List.VULN_TYPE	unknown	Type of the vulnerability.
Qualys.Vulnerability.List.TITLE	unknown	Title of the vulnerability.
Qualys.Vulnerability.List.SOLUTION	unknown	Solution for the vulnerability.
Qualys.Vulnerability.List.CATEGORY	unknown	Category of the vulnerability.

Command Example

!qualys-vulnerability-list published_after=2021-04-01 published_before=2021-04-20 details=Basic is_patchable=1

Context Example

{

"File": {

"EntryID": "1457@ad70a33b-26a4-4a3c-8013-24494880c3ee",

"Info": "text/html",

"MD5": "fcc96f72a8ec05bad85f76b84b660548",

"Name": "Result file",

"SHA1": "c7511da62209ea195fb3e4c57e472ed8f47576bc",

"SHA256": "3551eb3fea9fd881dc5827bb53040f11aedaa1515045bbf5ab7b648e6fc380b7",

"SHA512": "480085d65387a950e9a60d017ced084290c1bc2f783dad758e986e15b04c5edd6c1ff622f6632875a7ad54f7105bcbb4eb05f3878995ad27c797eb41c4b27afe",

"SSDeep": "3072:UtD4/FegMJuPyfrDK2fkQqGp+Zr2QNim101s6cZj+5BnF/WkWFdG5LB3Zag357OB:u/5LsTMc4/U5",

"Size": 713309,

"Type": "HTML document text, ASCII text, with very long lines"

},

"Qualys": {

"Vulnerability": {

"List": [

{

"CATEGORY": "CGI",

"CONSEQUENCE": "These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.<P>",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": [

{

"DESC": "jQuery 1.2 - Cross-Site Scripting (XSS) - The Exploit-DB Ref : 49766",

"LINK": "http://www.exploit-db.com/exploits/49766",

"REF": "CVE-2020-11022"

},

{

"DESC": "jQuery 1.0.3 - Cross-Site Scripting (XSS) - The Exploit-DB Ref : 49767",

"LINK": "http://www.exploit-db.com/exploits/49767",

"REF": "CVE-2020-11023"

}

]

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-11022",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"

},

{

"ID": "CVE-2020-11023",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"

}

]

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n\nAffected version:<br/>\nAtlassian Jira before version 8.15.0<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "10083",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72052\" TARGET=\"_blank\">JRASERVER-72052</A> for updates pertaining to this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72052\" TARGET=\"_blank\">JRASERVER-72052</A>",

"TITLE": "Atlassian Jira Cross-Site Scripting Vulnerability(JRASERVER-72052)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JRASERVER-72052",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72052"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Allow a remote attacker to inject arbitrary Javascript into the context of the application.<P>",

"DIAGNOSIS": "Confluence is team collaboration software written in Java.<P>\n\nAffected Versions:<br/>\nAtlassian Confluence before version 7.4.8<P>\n\nQID Detection Logic:<br/>\nThis unauthenticated QID detects vulnerable Atlassian Confluence versions by making GET request to login.action page and parsing information exposed in ajs-version-number or footer-build-information HTML entities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "10501",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "confluence",

"VENDOR": "atlassian"

}

},

"SOLUTION": "Customers are advised to refer to upgrade to <A HREF=\"https://www.atlassian.com/software/confluence/download\" TARGET=\"_blank\">Atlassian Confluence 7.8.0, 6.13.20, 7.4.8</A> or later versions to remediate this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/CONFSERVER-61622\" TARGET=\"_blank\">CONFSERVER-61622</A>",

"TITLE": "Atlassian Confluence Cross-Site Scripting Vulnerability (CONFSERVER-61622)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CONFSERVER-61622",

"URL": "https://jira.atlassian.com/browse/CONFSERVER-61622"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"BUGTRAQ_LIST": {

"BUGTRAQ": {

"ID": "95386",

"URL": "http://www.securityfocus.com/bid/95386"

}

},

"CATEGORY": "CGI",

"CONSEQUENCE": "An authenticated user with admin privileges to create sitemaps can execute arbitrary PHP code by creating a malicious sitemap file.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-7932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7932"

}

},

"DIAGNOSIS": "Magento is PHP based e-commerce platform.<br/>\nMagento Commerce has a remote code execution vulnerability<P>\n\nAffected Versions:<br/>\nMagento Commerce prior to 1.14.4.2<br/>\nMagento 2.1 prior to 2.1.18<br/>\nMagento 2.2 prior to 2.2.9<br/>\nMagento 2.3 prior to 2.3.2<P>\n\nQID Detection Logic:<br/>\nThis QID checks for vulnerable version of Magento on system<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "13250",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "magento",

"VENDOR": "adobe"

}

},

"SOLUTION": "The vendor has released a fix in <A HREF=\"https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13\" TARGET=\"_blank\">PRODSECBUG-2351</A> to remediate this vulnerability.<br/>\n\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://magento.com/tech-resources/download?_ga=2.48007079.18249196.1609397868-1531796080.1609397868\" TARGET=\"_blank\">Magento</A>",

"TITLE": "Magento Commerce Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2019-7932",

"URL": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Hardware",

"CONSEQUENCE": "This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-0223",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0223"

},

{

"ID": "CVE-2021-0204",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0204"

}

]

},

"DIAGNOSIS": "Juniper Junos is the network operating system used in Juniper Networks hardware systems.<P>\n\nMultiple local privilege escalation vulnerabilities in Juniper Networks Junos OS have been reported due to the setuid bit being enabled on multiple binaries.<P>\n\nAffected releases are Junos OS:<br/>\nall versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S12, 17.4R3-S3;\n18.1 versions prior to 18.1R3-S11;\n18.2 versions prior to 18.2R3-S6;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R2-S7, 18.4R3-S6;\n19.1 versions prior to 19.1R2-S2, 19.1R3-S4;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S1;\n19.3 versions prior to 19.3R3-S1;\n19.4 versions prior to 19.4R2-S2, 19.4R3-S1;\n20.1 versions prior to 20.1R1-S4, 20.1R2;\n20.2 versions prior to 20.2R2.\n\n\nQID detection logic: (Authenticated)<br/>\nIt checks for vulnerable Junos OS version.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "43823",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "junos",

"VENDOR": "juniper"

}

},

"SOLUTION": "The vendor has released fixes.<br/>\nThe following software releases have been updated to resolve these specific issues:<br/>\n\nJunos OS 15.1R7-S9*, 17.3R3-S11*, 17.4R2-S12, 17.4R3-S3, 18.1R3-S11, 18.2R3-S6, 18.3R3-S4, 18.4R2-S7, 18.4R3-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S1, 19.3R3-S1, 19.4R2-S2, 19.4R3-S1, 20.1R1-S4, 20.1R2, 20.2R2, 20.3R1, and all subsequent releases.<br/>\n\n\nFor more information please visit <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11114\" TARGET=\"_blank\">JSA11114</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11114\" TARGET=\"_blank\">JSA11114</A>",

"TITLE": "Juniper Junos Multiple Local Privilege Escalation Vulnerabilities (JSA11114)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JSA11114",

"URL": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11114"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Hardware",

"CONSEQUENCE": "Successful exploitation allows unauthorized disclosure information.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2009-3238",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3238"

}

},

"DIAGNOSIS": "A security vulnerability in certain HPE routers, switches, and office connectivity products that use Linux-based Comware 5 and Comware 7 software could allow remote unauthorized disclosure of information.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "43824",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "router",

"VENDOR": "hpe"

}

},

"SOLUTION": "Vendor has released updates to fix the issue. Please refer to vendor advisory <A HREF=\"https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbhf03836en_us\" TARGET=\"_blank\">HPESBHF03836</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf03836en_us\" TARGET=\"_blank\">HPESBHF03836</A>",

"TITLE": "HPE Comware Routers and Switches Remote Unauthorized Disclosure of Information HPESBHF03836",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "HPESBHF03836",

"URL": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf03836en_us"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Hardware",

"CONSEQUENCE": "On Successful exploitation could lead to information disclosure.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-5591",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5591"

}

},

"DIAGNOSIS": "<P>FortiOS is a security-hardened, purpose-built operating system that is the software foundation of FortiGate.<br/>\nIt is affected with following vulnerability:<br/> CVE-2019-5591 : A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet <br/>to intercept sensitive information by impersonating the LDAP server.\n\n<P>Affected Products :<br/>\n FortiOS 6.2.0 and below. Enabling the CLI option that checks for LDAP server identity entirely prevents the issue. Potential detection as cannot determine server-identity-check enabled or disabled.\n\nNote: FortiOS 6.2.1 and above have server-identity-check enabled by default, when installed from scratch. <br/>Upgrading from 6.0.3 - 6.2.0 to 6.2.1 and above does not suffice to thwart the <br/>issue: server-identity-check must be enabled (prior the upgrade of after, indifferently) to solve this.\n\n<P>QID Detection Logic (Authenticated) :<br/>\nDetection checks for vulnerable version of FortiOS.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-13T05:06:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "43825",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "fortios",

"VENDOR": "cisco"

}

},

"SOLUTION": "Enabling the CLI option that checks for LDAP server identity entirely prevents the issue OR Upgrade to FortiOS 6.2.1 or above from scratch.\nVendor has released fix to address these vulnerabilities. Refer to <A HREF=\"https://www.fortiguard.com/psirt/FG-IR-19-037\" TARGET=\"_blank\">FG-IR-19-037</A>Workaround:<br/> A workaround exists, enabling the CLI option that checks for LDAP server identity entirely prevents the issue. This option can be enabled only if secure and ca-cert of the LDAP server are set. \nFollowing commands can be used for this cli option:\nconfig user ldap\nedit ldap-server\nset ca-cert\nset secure ldaps\nset server-identity-check enable\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.fortiguard.com/psirt/FG-IR-19-037\" TARGET=\"_blank\">FG-IR-19-037: FortiOS</A>",

"TITLE": "Fortigate FortiOS Default Configuration(FG-IR-19-037)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "FG-IR-19-037",

"URL": "https://www.fortiguard.com/psirt/FG-IR-19-037"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "Hardware",

"CONSEQUENCE": "This vulnerability might allow an attacker to cause an extended Denial of Service (DoS) attack against the device and to cause clients to be vulnerable to DNS based attacks by malicious DNS servers when they send DNS requests through the device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1660",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1660"

}

},

"DIAGNOSIS": "Juniper Junos is the network operating system used in Juniper Networks hardware systems.<P>\n\nAffected releases are Junos OS:<br/>\n17.3 versions prior to 17.3R3-S8.<br/>\n18.3 versions prior to 18.3R3-S1.<br/>\n18.4 versions prior to 18.4R3.<br/>\n19.1 versions prior to 19.1R3.<br/>\n19.2 versions prior to 19.2R2.<br/>\n19.3 versions prior to 19.3R3.<P>\n\nQID detection logic: (Authenticated)<br/>\nIt checks for vulnerable Junos OS version.\n\nNOTE: The following minimal configuration is required to potentially hit this issue:\nservices web-filter profile profile-name dns-filter-template template-name",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "43826",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "junos",

"VENDOR": "juniper"

}

},

"SOLUTION": "The vendor has released fixes.<br/>For more information please visit <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11054\" TARGET=\"_blank\">JSA11054</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11054\" TARGET=\"_blank\">JSA11054</A>",

"TITLE": "Juniper Junos OS:MX Series Denial of Service (DNS Filtering)vulnerability(JSA11054)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JSA11054",

"URL": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11054"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "Hardware",

"CONSEQUENCE": "Successful exploitation allows attacker to execute remote code.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-0254",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0254"

}

},

"DIAGNOSIS": "Juniper Junos is the network operating system used in Juniper Networks hardware systems.<P>\nA buffer overflow vulnerability exists in the overlayd service of Juniper Networks Junos OS.<br/>\nThe overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default and listens for UDP connections on port 4789. This issue results from improper buffer size validation, which can lead to a buffer overflow.<P>\n\nAffected releases are Junos OS:<br/>\n15.1X49 versions prior to 15.1X49-D240 on SRX Series;<br/>\n15.1 versions prior to 15.1R7-S9;<br/>\n17.3 versions prior to 17.3R3-S11;<br/>\n17.4 versions prior to 17.4R2-S13, 17.4R3-S4;<br/>\n18.1 versions prior to 18.1R3-S12;<br/>\n18.2 versions prior to 18.2R2-S8, 18.2R3-S7;<br/>\n18.3 versions prior to 18.3R3-S4;<br/>\n18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;<br/>\n19.1 versions prior to 19.1R2-S2, 19.1R3-S4;<br/>\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;<br/>\n19.3 versions prior to 19.3R3-S1;<br/>\n19.4 versions prior to 19.4R2-S4, 19.4R3-S1;<br/>\n20.1 versions prior to 20.1R2-S1, 20.1R3;<br/>\n20.2 versions prior to 20.2R2, 20.2R2-S1, 20.2R3;<br/>\n20.3 versions prior to 20.3R1-S1.<P>\n\nQID detection logic: (Authenticated)<br/>\nIt checks for vulnerable Junos OS version.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T16:47:32Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "43827",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "junos",

"VENDOR": "juniper"

}

},

"SOLUTION": "The vendor has released fixes.<br/>\nThe following software releases have been updated to resolve these specific issues:<br/>\n\nJunos OS 15.1X49-D240, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S4, 19.4R3-S1, 20.1R2-S1, 20.1R3, 20.2R2, 20.2R2-S1, 20.2R3, 20.3R1-S1, 20.4R1, and all subsequent releases.<br/>\n\n\nFor more information please visit <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11114\" TARGET=\"_blank\">JSA11147</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147&actp=METADATA\" TARGET=\"_blank\">JSA11147</A>",

"TITLE": "Juniper Junos Remote Code Execution Vulnerability (JSA11147)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JSA11147",

"URL": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147&actp=METADATA"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mail services",

"CONSEQUENCE": "Successful exploitation allows attackers to execute remote code.<br/>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28480",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28480"

},

{

"ID": "CVE-2021-28481",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28481"

},

{

"ID": "CVE-2021-28482",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28482"

},

{

"ID": "CVE-2021-28483",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28483"

}

]

},

"DIAGNOSIS": "Microsoft Exchange Server is prone to remote code execution vulnerability.<br/>\nKB Articles associated with this update are: KB5001779<P>\nAffected Versions:<br/>\nMicrosoft Exchange Server 2013 Cumulative Update 23<br/>\nMicrosoft Exchange Server 2016 Cumulative Update 19<br/>\nMicrosoft Exchange Server 2016 Cumulative Update 20<br/>\nMicrosoft Exchange Server 2019 Cumulative Update 8<br/>\nMicrosoft Exchange Server 2019 Cumulative Update 9<P>\n\nQID Detection Logic (authenticated):<br/>The QID checks for the version of file Exsetup.exe.<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:01Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "50109",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "exchange_server",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://support.microsoft.com/help/5001779\" TARGET=\"_blank\">KB5001779</A> for information pertaining to this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.microsoft.com/help/5001779\" TARGET=\"_blank\">KB5001779</A>",

"TITLE": "Microsoft Exchange Server Remote Code Execution Vulnerability - April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "KB5001779",

"URL": "https://support.microsoft.com/help/5001779"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Web server",

"CONSEQUENCE": "A successful exploit could give an unauthenticated attacker access file on the SAP system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal - The Exploit-DB Ref : 39996",

"LINK": "http://www.exploit-db.com/exploits/39996",

"REF": "CVE-2016-3976"

}

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-3976",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3976"

}

},

"DIAGNOSIS": "SAP NetWeaver Application Server (AS) or SAP Web Application Server is a component of the solution which works as a web application server to SAP solutions.<P>\nSAP NetWeaver AS JAVA is exposed to a directory traversal vulnerability. (CVE-2016-3976)\n<P>Affected Versions<br/>\nSAP NetWeaver AS JAVA Versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40 , 7.50.\n<P>QID Detection Logic(s):<br/>\nScan initiates HTTP request with an active payload to detect the vulnerability.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:32Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:32Z",

"QID": "87446",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "netweaver",

"VENDOR": "sap"

}

},

"SOLUTION": "some solution",

"TITLE": "SAP NetWeaver AS JAVA Directory Traversal Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "someid",

"URL": "https://blogs.sap.com/2016/03/08/sap-security-patch-day-march-2016/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Web server",

"CONSEQUENCE": "A successful exploit could give an unauthenticated attacker to obtain unauthorized access to an OS filesystem.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-9563",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9563"

}

},

"DIAGNOSIS": "SAP NetWeaver Application Server (AS) or SAP Web Application Server is a component of the solution which works as a web application server to SAP solutions.<P>\nBC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI<P>\n<P>Affected Versions<br/>\nSAP NetWeaver AS JAVA Versions 7.50.\n<P>QID Detection Logic(s):<br/>\nThis QID sends a HTTP POST request to &quot;sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn&quot; to detect the vulnerability",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T12:29:35Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:32Z",

"QID": "87447",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "netweaver",

"VENDOR": "sap"

}

},

"SOLUTION": "somesolution2",

"TITLE": "SAP NetWeaver AS JAVA 7.5 XML External Entity Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "someid2",

"URL": "https://service.sap.com/sap/support/notes/2296909"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "Successful exploitation allows attacker to bypass the security feature and allows set a second cookie with the name being percent encoded.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-26701",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26701"

}

},

"DIAGNOSIS": "A denial of service vulnerability exists when .NET Core improperly handles web requests.<br/>\nThis security update is rated Important for supported versions of .NET Core.<P>\nAffected versions:<br/>\nAny .NET Core 2.1 , 3.1 or .NET 5.0 application running on .NET Core 2.1.25, 3.1.12 or .NET 5.0.3 or lower respectively.<P>\nQID Detection Logic (Authenticated):<br/>\nThe qid looks for sub directories under %programfiles%\\dotnet\\shared\\Microsoft.NETCore.App, %programfiles(x86)%\\dotnet\\shared\\Microsoft.NETCore.App and checks for vulnerable versions in .version file on Windows.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "91756",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": ".net_core",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26701\" TARGET=\"_blank\">CVE-2021-26701</A> for more details pertaining to this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26701\" TARGET=\"_blank\">CVE-2021-26701: WIndows</A>",

"TITLE": "Microsoft .NET Core Security Update March 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-26701",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26701"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "Successful exploitation can affect confidentiality, integrity and availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27064",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27064"

}

},

"DIAGNOSIS": "Microsoft has released security update for Visual Studio which resolves multiple security vulnerabilities.<P>\n\nAffected Software:<br/>\nMicrosoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)<br/>\nMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)<br/>\nMicrosoft Visual Studio 2019 version 16.7 (includes 16.0 - 16.6)<br/>\n\nMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)<P>\nQID Detection Logic:Authenticated<br/>\nThis QID detects vulnerable versions of Microsoft Visual Studio by checking file version of devenv.exe.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T05:14:46Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "91757",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064\" TARGET=\"_blank\">CVE-2021-27064</A> for more information pertaining to this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27064\" TARGET=\"_blank\">CVE-2021-27064: WIndows</A>",

"TITLE": "Microsoft Visual Studio Security Update for April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-27064",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27064"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "A remote attacker could exploit this vulnerability and execute code on the target system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26413",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26413"

},

{

"ID": "CVE-2021-26415",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26415"

},

{

"ID": "CVE-2021-26416",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26416"

},

{

"ID": "CVE-2021-26417",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26417"

},

{

"ID": "CVE-2021-27072",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27072"

},

{

"ID": "CVE-2021-27079",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27079"

},

{

"ID": "CVE-2021-27086",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27086"

},

{

"ID": "CVE-2021-27088",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27088"

},

{

"ID": "CVE-2021-27089",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27089"

},

{

"ID": "CVE-2021-27090",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27090"

},

{

"ID": "CVE-2021-27091",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27091"

},

{

"ID": "CVE-2021-27092",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27092"

},

{

"ID": "CVE-2021-27093",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27093"

},

{

"ID": "CVE-2021-27094",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27094"

},

{

"ID": "CVE-2021-27095",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27095"

},

{

"ID": "CVE-2021-27096",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27096"

},

{

"ID": "CVE-2021-28309",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28309"

},

{

"ID": "CVE-2021-28310",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28310"

},

{

"ID": "CVE-2021-28311",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28311"

},

{

"ID": "CVE-2021-28312",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28312"

},

{

"ID": "CVE-2021-28313",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28313"

},

{

"ID": "CVE-2021-28314",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28314"

},

{

"ID": "CVE-2021-28315",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28315"

},

{

"ID": "CVE-2021-28316",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28316"

},

{

"ID": "CVE-2021-28317",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28317"

},

{

"ID": "CVE-2021-28318",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28318"

},

{

"ID": "CVE-2021-28319",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28319"

},

{

"ID": "CVE-2021-28320",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28320"

},

{

"ID": "CVE-2021-28321",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28321"

},

{

"ID": "CVE-2021-28322",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28322"

},

{

"ID": "CVE-2021-28323",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28323"

},

{

"ID": "CVE-2021-28324",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28324"

},

{

"ID": "CVE-2021-28325",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28325"

},

{

"ID": "CVE-2021-28326",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28326"

},

{

"ID": "CVE-2021-28327",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28327"

},

{

"ID": "CVE-2021-28328",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28328"

},

{

"ID": "CVE-2021-28329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28329"

},

{

"ID": "CVE-2021-28330",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28330"

},

{

"ID": "CVE-2021-28331",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28331"

},

{

"ID": "CVE-2021-28332",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28332"

},

{

"ID": "CVE-2021-28333",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28333"

},

{

"ID": "CVE-2021-28334",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28334"

},

{

"ID": "CVE-2021-28335",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28335"

},

{

"ID": "CVE-2021-28336",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28336"

},

{

"ID": "CVE-2021-28337",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28337"

},

{

"ID": "CVE-2021-28338",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28338"

},

{

"ID": "CVE-2021-28339",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28339"

},

{

"ID": "CVE-2021-28340",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28340"

},

{

"ID": "CVE-2021-28341",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28341"

},

{

"ID": "CVE-2021-28342",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28342"

},

{

"ID": "CVE-2021-28343",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28343"

},

{

"ID": "CVE-2021-28344",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28344"

},

{

"ID": "CVE-2021-28345",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28345"

},

{

"ID": "CVE-2021-28346",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28346"

},

{

"ID": "CVE-2021-28347",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28347"

},

{

"ID": "CVE-2021-28348",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28348"

},

{

"ID": "CVE-2021-28349",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28349"

},

{

"ID": "CVE-2021-28350",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28350"

},

{

"ID": "CVE-2021-28351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28351"

},

{

"ID": "CVE-2021-28352",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28352"

},

{

"ID": "CVE-2021-28353",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28353"

},

{

"ID": "CVE-2021-28354",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28354"

},

{

"ID": "CVE-2021-28355",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28355"

},

{

"ID": "CVE-2021-28356",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28356"

},

{

"ID": "CVE-2021-28357",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28357"

},

{

"ID": "CVE-2021-28358",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28358"

},

{

"ID": "CVE-2021-28434",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28434"

},

{

"ID": "CVE-2021-28435",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28435"

},

{

"ID": "CVE-2021-28436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28436"

},

{

"ID": "CVE-2021-28437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28437"

},

{

"ID": "CVE-2021-28438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28438"

},

{

"ID": "CVE-2021-28439",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28439"

},

{

"ID": "CVE-2021-28440",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28440"

},

{

"ID": "CVE-2021-28441",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28441"

},

{

"ID": "CVE-2021-28442",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28442"

},

{

"ID": "CVE-2021-28443",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28443"

},

{

"ID": "CVE-2021-28444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28444"

},

{

"ID": "CVE-2021-28445",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28445"

},

{

"ID": "CVE-2021-28446",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28446"

},

{

"ID": "CVE-2021-28447",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28447"

},

{

"ID": "CVE-2021-28464",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28464"

},

{

"ID": "CVE-2021-28466",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28466"

},

{

"ID": "CVE-2021-28468",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28468"

}

]

},

"DIAGNOSIS": "Microsoft releases the security update for Windows April 2021<P>\nThe KB Articles associated with the update:<br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001387\" TARGET=\"_blank\">KB5001387</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001382\" TARGET=\"_blank\">KB5001382</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001339\" TARGET=\"_blank\">KB5001339</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001337\" TARGET=\"_blank\">KB5001337</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001347\" TARGET=\"_blank\">KB5001347</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001383\" TARGET=\"_blank\">KB5001383</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001342\" TARGET=\"_blank\">KB5001342</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001392\" TARGET=\"_blank\">KB5001392</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001335\" TARGET=\"_blank\">KB5001335</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001330\" TARGET=\"_blank\">KB5001330</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001389\" TARGET=\"_blank\">KB5001389</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001332\" TARGET=\"_blank\">KB5001332</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001393\" TARGET=\"_blank\">KB5001393</A><br/>\n<A HREF=\"https://support.microsoft.com/en-us/help/5001340\" TARGET=\"_blank\">KB5001340</A><br/>\n<P>This QID checks for the file version of ntoskrnl.exe\n<P>The following versions of ntoskrnl.exe with their corresponding KBs are verified:<br/>\nKB5001387 - 6.2.9200.23327<br/>\nKB5001382 - 6.3.9600.19994<br/>\nKB5001339 - 10.0.17134.2145<br/>\nKB5001337 - 10.0.18362.1500<br/>\nKB5001347 - 10.0.14393.4350<br/>\nKB5001383 - 6.2.9200.23327<br/>\nKB5001342 - 10.0.17763.1879<br/>\nKB5001392 - 6.1.7601.24576<br/>\nKB5001335 - 6.1.7601.24576<br/>\nKB5001330 - 10.0.19041.928<br/>\nKB5001389 - 6.0.6003.21095<br/>\nKB5001332 - 6.0.6003.21095<br/>\nKB5001393 - 6.3.9600.19994<br/>\nKB5001340 - 10.0.10240.18906<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:01Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "91758",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "windows",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to the <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance\" TARGET=\"_blank\">Security Update Guide</A> for more information pertaining to these vulnerabilities.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance\" TARGET=\"_blank\">Microsoft Security Update Guide: Windows</A>",

"TITLE": "Microsoft Windows Security Update for April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "KB5001387",

"URL": "https://support.microsoft.com/en-in/help/5001387"

},

{

"ID": "KB5001382",

"URL": "https://support.microsoft.com/en-in/help/5001382"

},

{

"ID": "KB5001339",

"URL": "https://support.microsoft.com/en-in/help/5001339"

},

{

"ID": "KB5001337",

"URL": "https://support.microsoft.com/en-in/help/5001337"

},

{

"ID": "KB5001347",

"URL": "https://support.microsoft.com/en-in/help/5001347"

},

{

"ID": "KB5001383",

"URL": "https://support.microsoft.com/en-in/help/5001383"

},

{

"ID": "KB5001342",

"URL": "https://support.microsoft.com/en-in/help/5001342"

},

{

"ID": "KB5001392",

"URL": "https://support.microsoft.com/en-in/help/5001392"

},

{

"ID": "KB5001335",

"URL": "https://support.microsoft.com/en-in/help/5001335"

},

{

"ID": "KB5001330",

"URL": "https://support.microsoft.com/en-in/help/5001330"

},

{

"ID": "KB5001389",

"URL": "https://support.microsoft.com/en-in/help/5001389"

},

{

"ID": "KB5001332",

"URL": "https://support.microsoft.com/en-in/help/5001332"

},

{

"ID": "KB5001393",

"URL": "https://support.microsoft.com/en-in/help/5001393"

},

{

"ID": "KB5001340",

"URL": "https://support.microsoft.com/en-in/help/5001340"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "Successful exploitation may allow unauthorized disclosure of information, unauthorized modification or disruption of service.<P>",

"DIAGNOSIS": "Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes.<P>\nMicrosoft has released Servicing Stack security updates for Windows.<br/>Related KBs:<br/>KB5001401,KB5001403,KB5001399,KB5001402,KB5001400,KB5001404,5001406\n<br/>\nQID Detection Logic (Authenticated): <br/>\nThis authenticated QID will check for file version of CbsCore.dll<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T05:14:46Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "91759",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "servicing_stack",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to refer to advisory <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001\" TARGET=\"_blank\">ADV990001</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV990001\" TARGET=\"_blank\">ADV990001</A>",

"TITLE": "Microsoft Windows Servicing Stack Security Update April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ADV990001",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV990001"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "Successful exploitation allows attacker to get access to Azure DevOps Server pipeline configuration variables and secrets.<br/>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27067",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27067"

},

{

"ID": "CVE-2021-28459",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28459"

}

]

},

"DIAGNOSIS": "Azure DevOps Server and Team Foundation Server are prone to information disclosure vulnerability.<br/>\nAzure DevOps Server 2020.0.1<br/>\nAzure DevOps Server 2020<br/>\nAzure DevOps Server 2019.0.1<br/>\nAzure DevOps Server 2019 Update 1<br/>\nAzure DevOps Server 2019 Update 1.1<br/>\nTeam Foundation Server 2018 Update 3.2<br/>\nTeam Foundation Server 2018 Update 1.2<br/>\nTeam Foundation Server 2017 Update 3.1<br/>\nTeam Foundation Server 2015 Update 4.2<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "91760",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "azure_devops_server",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27067\" TARGET=\"_blank\">CVE-2021-27067</A>, <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28459\" TARGET=\"_blank\">CVE-2021-28459</A> for information pertaining to this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://aka.ms/azdev2020.0.1patch2\" TARGET=\"_blank\">Azure DevOps Server 2020</A><P> <A HREF=\"https://aka.ms/azdev2019.1.1patch8\" TARGET=\"_blank\">Azure DevOps Server 2019 Update 1.1</A><P> <A HREF=\"http://aka.ms/azdev2019.1patch\" TARGET=\"_blank\">Azure DevOps Server 2019 Update 1</A><P> <A HREF=\"https://aka.ms/tfs2015.4.2patch\" TARGET=\"_blank\">Team Foundation Server 2015 Update 4.2</A><P> <A HREF=\"https://aka.ms/tfs2018.3.2patch\" TARGET=\"_blank\">Team Foundation Server 2018 Update 3.2</A><P> <A HREF=\"https://aka.ms/tfs2018.1.2patch\" TARGET=\"_blank\">Team Foundation Server 2018 Update 1.2</A><P> <A HREF=\"https://aka.ms/tfs2017.3.1patch\" TARGET=\"_blank\">Team Foundation Server 2017 Update 3.1</A><P> <A HREF=\"https://aka.ms/azdev2019.1.1patch10\" TARGET=\"_blank\">Azure DevOps Server 2019.0.1</A><P> <A HREF=\"https://aka.ms/azdev2020.0.1patch2\" TARGET=\"_blank\">Azure DevOps Server 2020.0.1</A>",

"TITLE": "Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability - April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "CVE-2021-28459",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28459"

},

{

"ID": "CVE-2021-27067",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27067"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Windows",

"CONSEQUENCE": "An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28466",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28466"

},

{

"ID": "CVE-2021-28464",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28464"

},

{

"ID": "CVE-2021-28468",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28468"

}

]

},

"DIAGNOSIS": "A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory.<br/>\nMicrosoft has disclosed Information Disclosure and Remote Code Execution in Windows Codecs Library and VP9 Video Extensions.<P>\n\nAffected Product:<br/>\nVP9 Video Extensions prior to version 1.0.40631.0<br/>\nRaw Image Extension prior to version 1.0.40392.0<P>\n\n\nQID detection Logic:<br/>\nThe gets the version of HEVCVideoExtension by querying wmi class Win32_InstalledStoreProgram.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:01Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "91761",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "codecs",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Users are advised to check <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-26902\" TARGET=\"_blank\">CVE-2021-26902</A> for more information.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28317\" TARGET=\"_blank\">CVE-2021-28317: Windows</A><P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28466\" TARGET=\"_blank\">CVE-2021-28466: Windows</A><P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-27079\" TARGET=\"_blank\">CVE-2021-27079: Windows</A><P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28464\" TARGET=\"_blank\">CVE-2021-28464: Windows</A><P> <A HREF=\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28468\" TARGET=\"_blank\">CVE-2021-28468: Windows</A>",

"TITLE": "Microsoft Windows Codecs Library and VP9 Video Extensions Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "CVE-2021-28466",

"URL": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28466"

},

{

"ID": "CVE-2021-28464",

"URL": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28464"

},

{

"ID": "CVE-2021-28468",

"URL": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28468"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Office Application",

"CONSEQUENCE": "Successful exploitation allows an attacker to execute code remotely.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28450"

},

{

"ID": "CVE-2021-28453",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28453"

}

]

},

"DIAGNOSIS": "Microsoft has released April 2021 security updates to fix multiple security vulnerabilities.<P>\nThis security update contains the following KBs:<P>\nKB4504709<br/>\nKB4504716<br/>\nKB4493170<br/>\nKB4504719<br/>\nKB4504701<br/>\nKB4504715<br/>\nKB4493201<br/>\nKB4504723<P>\nQID Detection Logic:<br/>\nThis authenticated QID checks the file versions from the above Microsoft KB article with the versions on the affected SharePoint system.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "110377",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "sharepoint_server",

"VENDOR": "microsoft"

},

{

"PRODUCT": "sharepoint_foundation",

"VENDOR": "microsoft"

}

]

},

"SOLUTION": "Refer to <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Security Guidance</A> for more details pertaining to this vulnerability.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Office and Microsoft Office Services and Web Apps Security Update April 2021</A>",

"TITLE": "Microsoft SharePoint Enterprise Server Multiple Vulnerabilities April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "KB4504709",

"URL": "https://support.microsoft.com/kb/4504709"

},

{

"ID": "KB4504716",

"URL": "https://support.microsoft.com/kb/4504716"

},

{

"ID": "KB4493170",

"URL": "https://support.microsoft.com/kb/4493170"

},

{

"ID": "KB4504719",

"URL": "https://support.microsoft.com/kb/4504719"

},

{

"ID": "KB4504701",

"URL": "https://support.microsoft.com/kb/4504701"

},

{

"ID": "KB4504715",

"URL": "https://support.microsoft.com/kb/4504715"

},

{

"ID": "KB4493201",

"URL": "https://support.microsoft.com/kb/4493201"

},

{

"ID": "KB4504723",

"URL": "https://support.microsoft.com/kb/4504723"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Office Application",

"CONSEQUENCE": "Successful exploitation will lead to Remote Code Execution.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28452",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28452"

}

},

"DIAGNOSIS": "Microsoft has released April 2021 security updates for outlook to fix a Remote Code Execution vulnerability.<P>\nThis security update contains the following KBs:<br/>\n\nKB4493185<br/>\nKB4504733<br/>\nKB4504712<br/>\n\nQID Detection Logic:<br/>\nThis authenticated QID checks the file versions from the Microsoft advisory with the versions on affected outlook applications.<P>\n\nNote: Office click-2-run and Office 365 installations need to be either updated manually or need to be set to automatic update. There is no direct download for the patch.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "110378",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "outlook",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Refer to <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Security Guide</A> for more details pertaining to this vulnerability.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Office and Microsoft Office Services and Web Apps Security Update April 2021</A>",

"TITLE": "Microsoft Outlook Remote Code Execution Vulnerability Security Update April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "KB4493185",

"URL": "https://support.microsoft.com/kb/4493185"

},

{

"ID": "KB4504733",

"URL": "https://support.microsoft.com/kb/4504733"

},

{

"ID": "KB4504712",

"URL": "https://support.microsoft.com/kb/4504712"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Office Application",

"CONSEQUENCE": "Successful exploitation allows an attacker to execute code remotely.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28454",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28454"

},

{

"ID": "CVE-2021-28453",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28453"

},

{

"ID": "CVE-2021-28452",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28452"

},

{

"ID": "CVE-2021-28451",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28451"

},

{

"ID": "CVE-2021-28449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28449"

},

{

"ID": "CVE-2021-28456",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28456"

}

]

},

"DIAGNOSIS": "Microsoft has released April 2021 security updates to fix multiple security vulnerabilities.<P>\nThis security update contains the following KBs:<P>\n\nKB4504727<br/>\nKB4493218<br/>\nKB4504729<br/>\nKB4504735<br/>\nKB4504721<br/>\nKB4504714<br/>\nKB4504726<br/>\nKB3178643<br/>\nKB3178639<br/>\nKB2553491<br/>\nKB2589361<br/>\nKB4504738<br/>\nKB4504705<br/>\nKB4493215<br/>\nKB4493198<br/>\nKB4504739<br/>\nKB3017810<br/>\nKB4504724<br/>\nKB4493208<br/>\nKB4504722<P>\n\nQID Detection Logic:<br/>\nThis authenticated QID checks the file versions from the Microsoft advisory with the versions on the affected office system.<P>\n\nNote: Office click-2-run and Office 365 installations need to be updated manually or need to be set to automatic update. There is no direct download for the patch.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:01Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "110379",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "office",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Refer to <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Security Guidance</A> for more details pertaining to this vulnerability.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/en-us\" TARGET=\"_blank\">Microsoft Office and Microsoft Office Services and Web Apps Security Update April 2021</A>",

"TITLE": "Microsoft Office and Microsoft Office Services and Web Apps Security Update April 2021",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "KB4504727",

"URL": "https://support.microsoft.com/kb/4504727"

},

{

"ID": "KB4493218",

"URL": "https://support.microsoft.com/kb/4493218"

},

{

"ID": "KB4504729",

"URL": "https://support.microsoft.com/kb/4504729"

},

{

"ID": "KB4504735",

"URL": "https://support.microsoft.com/kb/4504735"

},

{

"ID": "KB4504721",

"URL": "https://support.microsoft.com/kb/4504721"

},

{

"ID": "KB4504714",

"URL": "https://support.microsoft.com/kb/4504714"

},

{

"ID": "KB4504726",

"URL": "https://support.microsoft.com/kb/4504726"

},

{

"ID": "KB3178643",

"URL": "https://support.microsoft.com/kb/3178643"

},

{

"ID": "KB3178639",

"URL": "https://support.microsoft.com/kb/3178639"

},

{

"ID": "KB2553491",

"URL": "https://support.microsoft.com/kb/2553491"

},

{

"ID": "KB2589361",

"URL": "https://support.microsoft.com/kb/2589361"

},

{

"ID": "KB4504738",

"URL": "https://support.microsoft.com/kb/4504738"

},

{

"ID": "KB4504705",

"URL": "https://support.microsoft.com/kb/4504705"

},

{

"ID": "KB4493215",

"URL": "https://support.microsoft.com/kb/4493215"

},

{

"ID": "KB4493198",

"URL": "https://support.microsoft.com/kb/4493198"

},

{

"ID": "KB4504739",

"URL": "https://support.microsoft.com/kb/4504739"

},

{

"ID": "KB3017810",

"URL": "https://support.microsoft.com/kb/3017810"

},

{

"ID": "KB4504724",

"URL": "https://support.microsoft.com/kb/4504724"

},

{

"ID": "KB4493208",

"URL": "https://support.microsoft.com/kb/4493208"

},

{

"ID": "KB4504722",

"URL": "https://support.microsoft.com/kb/4504722"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Malicious users could use this vulnerability to change partial contents or configuration on the system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "jQuery 1.0.3 - Cross-Site Scripting (XSS) - The Exploit-DB Ref : 49767",

"LINK": "http://www.exploit-db.com/exploits/49767",

"REF": "CVE-2020-11023"

}

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-11023",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for ipa to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159121",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "peoplesoft_enterprise_human_capital_management_resources",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_session_route_manager",

"VENDOR": "oracle"

},

{

"PRODUCT": "jd_edwards_enterpriseone_orchestrator",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_element_manager",

"VENDOR": "oracle"

},

{

"PRODUCT": "weblogic_server",

"VENDOR": "oracle"

},

{

"PRODUCT": "application_testing_suite",

"VENDOR": "oracle"

},

{

"PRODUCT": "hyperion_financial_reporting",

"VENDOR": "oracle"

},

{

"PRODUCT": "application_express",

"VENDOR": "oracle"

},

{

"PRODUCT": "siebel_mobile",

"VENDOR": "oracle"

},

{

"PRODUCT": "rest_data_services",

"VENDOR": "oracle"

},

{

"PRODUCT": "storagetek_tape_analytics_sw_tool",

"VENDOR": "oracle"

},

{

"PRODUCT": "webcenter_sites",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_analytics",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_interactive_session_recorder",

"VENDOR": "oracle"

},

{

"PRODUCT": "healthcare_translational_research",

"VENDOR": "oracle"

},

{

"PRODUCT": "banking_enterprise_collections",

"VENDOR": "oracle"

},

{

"PRODUCT": "banking_platform",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_operations_monitor",

"VENDOR": "oracle"

},

{

"PRODUCT": "financial_services_regulatory_reporting_for_de_nederlandsche_bank",

"VENDOR": "oracle"

},

{

"PRODUCT": "communications_session_report_manager",

"VENDOR": "oracle"

},

{

"PRODUCT": "primavera_gateway",

"VENDOR": "oracle"

},

{

"PRODUCT": "jd_edwards_enterpriseone_tools",

"VENDOR": "oracle"

},

{

"PRODUCT": "None",

"VENDOR": "oracle"

}

]

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0860.html\" TARGET=\"_blank\">ELSA-2021-0860</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0860.html\" TARGET=\"_blank\">ELSA-2021-0860: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for ipa (ELSA-2021-0860)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0860",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0860.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20179"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for pki-core:10.6 to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159122",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0966.html\" TARGET=\"_blank\">ELSA-2021-0966</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0966.html\" TARGET=\"_blank\">ELSA-2021-0966: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for pki-core:10.6 (ELSA-2021-0966)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0966",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0966.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for firefox to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159123",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0990.html\" TARGET=\"_blank\">ELSA-2021-0990</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0990.html\" TARGET=\"_blank\">ELSA-2021-0990: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for firefox (ELSA-2021-0990)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0990",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0990.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for firefox to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159124",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0992.html\" TARGET=\"_blank\">ELSA-2021-0992</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0992.html\" TARGET=\"_blank\">ELSA-2021-0992: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for firefox (ELSA-2021-0992)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0992",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0992.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for thunderbird to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159125",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0993.html\" TARGET=\"_blank\">ELSA-2021-0993</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0993.html\" TARGET=\"_blank\">ELSA-2021-0993: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for thunderbird (ELSA-2021-0993)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0993",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0993.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for thunderbird to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159126",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0996.html\" TARGET=\"_blank\">ELSA-2021-0996</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-0996.html\" TARGET=\"_blank\">ELSA-2021-0996: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for thunderbird (ELSA-2021-0996)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-0996",

"URL": "https://linux.oracle.com/errata/ELSA-2021-0996.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for flatpak to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:49Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:49Z",

"QID": "159127",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-1002.html\" TARGET=\"_blank\">ELSA-2021-1002</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-1002.html\" TARGET=\"_blank\">ELSA-2021-1002: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for flatpak (ELSA-2021-1002)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-1002",

"URL": "https://linux.oracle.com/errata/ELSA-2021-1002.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"

},

{

"ID": "CVE-2021-3450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for openssl to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:06:58Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159128",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-1024.html\" TARGET=\"_blank\">ELSA-2021-1024</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-1024.html\" TARGET=\"_blank\">ELSA-2021-1024: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2021-1024)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-1024",

"URL": "https://linux.oracle.com/errata/ELSA-2021-1024.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for python2 to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159129",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9128.html\" TARGET=\"_blank\">ELSA-2021-9128</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9128.html\" TARGET=\"_blank\">ELSA-2021-9128: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for python2 (ELSA-2021-9128)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9128",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9128.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for python36 to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159130",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9129.html\" TARGET=\"_blank\">ELSA-2021-9129</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9129.html\" TARGET=\"_blank\">ELSA-2021-9129: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for python36 (ELSA-2021-9129)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9129",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9129.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for python38 to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159131",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9130.html\" TARGET=\"_blank\">ELSA-2021-9130</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9130.html\" TARGET=\"_blank\">ELSA-2021-9130: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for python38 (ELSA-2021-9130)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9130",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9130.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for Unbreakable Enterprise kernel to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159132",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9135.html\" TARGET=\"_blank\">ELSA-2021-9135</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9135.html\" TARGET=\"_blank\">ELSA-2021-9135: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9135)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9135",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9135.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for Unbreakable Enterprise kernel-container to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159133",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9136.html\" TARGET=\"_blank\">ELSA-2021-9136</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9136.html\" TARGET=\"_blank\">ELSA-2021-9136: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9136)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9136",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9136.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1971",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for openssl to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 6<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:06:34Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159134",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "graalvm",

"VENDOR": "oracle"

},

{

"PRODUCT": "enterprise_manager_base_platform",

"VENDOR": "oracle"

},

{

"PRODUCT": "mysql",

"VENDOR": "oracle"

},

{

"PRODUCT": "None",

"VENDOR": "oracle"

}

]

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9137.html\" TARGET=\"_blank\">ELSA-2021-9137</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9137.html\" TARGET=\"_blank\">ELSA-2021-9137: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2021-9137)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9137",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9137.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2020-25639",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25639"

},

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2020-28588",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28588"

},

{

"ID": "CVE-2021-3444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3444"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for Unbreakable Enterprise kernel to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159135",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9140.html\" TARGET=\"_blank\">ELSA-2021-9140</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9140.html\" TARGET=\"_blank\">ELSA-2021-9140: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9140)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9140",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9140.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2020-25639",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25639"

},

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2020-28588",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28588"

},

{

"ID": "CVE-2021-3444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3444"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for Unbreakable Enterprise kernel-container to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 7<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159136",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9141.html\" TARGET=\"_blank\">ELSA-2021-9141</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9141.html\" TARGET=\"_blank\">ELSA-2021-9141: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9141)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9141",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9141.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "Successful exploitation allows an attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1971",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"

}

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for openssl to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 6<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:05:21Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159137",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "graalvm",

"VENDOR": "oracle"

},

{

"PRODUCT": "enterprise_manager_base_platform",

"VENDOR": "oracle"

},

{

"PRODUCT": "mysql",

"VENDOR": "oracle"

},

{

"PRODUCT": "None",

"VENDOR": "oracle"

}

]

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9150.html\" TARGET=\"_blank\">ELSA-2021-9150</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9150.html\" TARGET=\"_blank\">ELSA-2021-9150: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2021-9150)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9150",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9150.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "OEL",

"CONSEQUENCE": "This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"

},

{

"ID": "CVE-2021-3450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450"

}

]

},

"DIAGNOSIS": "Oracle Enterprise Linux has released a security update for openssl to fix the vulnerabilities.<P>Affected Product:<br/>Oracle Linux 8<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:04:57Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "159138",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "oracle"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisory below for updates and patch information:<br/><br/><A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9151.html\" TARGET=\"_blank\">ELSA-2021-9151</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://linux.oracle.com/errata/ELSA-2021-9151.html\" TARGET=\"_blank\">ELSA-2021-9151: Oracle Linux</A>",

"TITLE": "Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2021-9151)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ELSA-2021-9151",

"URL": "https://linux.oracle.com/errata/ELSA-2021-9151.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-12673",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12673"

},

{

"ID": "CVE-2020-25275",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25275"

},

{

"ID": "CVE-2020-12100",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12100"

},

{

"ID": "CVE-2020-24386",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24386"

},

{

"ID": "CVE-2020-12674",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12674"

}

]

},

"DIAGNOSIS": "<br/><br/> This update for dovecot23 fixes the following issues:<br/><br/> Security issues fixed:<br/><br/> - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME<br/> parts (bsc#1174920).<br/> - CVE-2020-12673: Fixed an improper implementation of NTLM that did not<br/> check the message buffer size (bsc#1174922).<br/> - CVE-2020-12674: Fixed an improper implementation of the RPA mechanism<br/> (bsc#1174923).<br/> - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users<br/> to access other users' emails (bsc#1180405).<br/> - CVE-2020-25275: Fixed a crash when the 10000th MIME part was<br/> message/rfc822 (bsc#1180406).<br/><br/> Non-security issues fixed:<br/><br/> - Pigeonhole was updated to version 0.5.11.<br/> - Dovecot was updated to version 2.3.11.3.<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:37Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:37Z",

"QID": "174719",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "dovecot23",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-January/008152.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for dovecot23 (SUSE-SU-2021:0028-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0028-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008152.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-25275",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25275"

},

{

"ID": "CVE-2020-24386",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24386"

},

{

"ID": "CVE-2020-12100",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12100"

}

]

},

"DIAGNOSIS": "<br/><br/> This update for dovecot23 fixes the following issues:<br/><br/> Security issues fixed:<br/><br/> - CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME<br/> parts (bsc#1174920).<br/> - CVE-2020-24386: Fixed an issue with IMAP hibernation that allowed users<br/> to access other users' emails (bsc#1180405).<br/> - CVE-2020-25275: Fixed a crash when the 10000th MIME part was<br/> message/rfc822 (bsc#1180406).<br/><br/> Non-security issues fixed:<br/><br/> - Pigeonhole was updated to version 0.5.11.<br/> - Dovecot was updated to version 2.3.11.3.<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:37Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:37Z",

"QID": "174720",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "dovecot23",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-January/008154.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for dovecot23 (SUSE-SU-2021:0027-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0027-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008154.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-16785",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16785"

},

{

"ID": "CVE-2019-16786",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16786"

},

{

"ID": "CVE-2019-16792",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16792"

},

{

"ID": "CVE-2019-16789",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16789"

}

]

},

"DIAGNOSIS": "<br/><br/> This update for python-waitress to 1.4.3 fixes the following security<br/> issues:<br/><br/> - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling<br/> (bsc#1161088).<br/> - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding<br/> (bsc#1161089).<br/> - CVE-2019-16789: HTTP request smuggling through invalid whitespace<br/> characters (bsc#1160790).<br/> - CVE-2019-16792: HTTP request smuggling by sending the Content-Length<br/> header twice (bsc#1161670).<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:37Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:37Z",

"QID": "174724",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "python-waitress",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2020-November/007743.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for python-waitress (SUSE-SU-2020:3269-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2020:3269-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007743.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-12771",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12771"

},

{

"ID": "CVE-2020-10767",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10767"

},

{

"ID": "CVE-2019-16746",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746"

},

{

"ID": "CVE-2020-13974",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13974"

},

{

"ID": "CVE-2020-0305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0305"

},

{

"ID": "CVE-2020-14416",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14416"

},

{

"ID": "CVE-2020-15393",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15393"

},

{

"ID": "CVE-2020-10766",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10766"

},

{

"ID": "CVE-2020-10768",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10768"

},

{

"ID": "CVE-2020-15780",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15780"

},

{

"ID": "CVE-2019-20908",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20908"

},

{

"ID": "CVE-2020-10773",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10773"

},

{

"ID": "CVE-2020-12888",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12888"

},

{

"ID": "CVE-2020-10769",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10769"

}

]

},

"DIAGNOSIS": "<br/><br/>The SUSE Linux Enterprise 15 GA LTSS kernel was updated to receive various<br/> security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible<br/> use-after-free due to a race condition. This could lead to local<br/> escalation of privilege with System execution privileges needed. User<br/> interaction is not needed for exploitation (bnc#1174462).<br/> - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c<br/> where incorrect access permissions for the efivar_ssdt ACPI variable<br/> could be used by attackers to bypass lockdown or secure boot<br/> restrictions, aka CID-1957a85b0032 (bnc#1173567).<br/> - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c<br/> where injection of malicious ACPI tables via configfs could be used by<br/> attackers to bypass lockdown and secure boot restrictions, aka<br/> CID-75b0cea7bf30 (bnc#1173573).<br/> - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a<br/> memory leak, aka CID-28ebeb8db770 (bnc#1173514).<br/> - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c has a<br/> deadlock if a coalescing operation fails (bnc#1171732).<br/> - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c which<br/> did not check the length of variable elements in a beacon head, leading<br/> to a buffer overflow (bnc#1152107 1173659).<br/> - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access<br/> disabled memory space (bnc#1171868).<br/> - CVE-2020-10769: A buffer over-read flaw was found in<br/> crypto_authenc_extractkeys in crypto/authenc.c in the IPsec<br/> Cryptographic algorithm's module, authenc. When a payload longer than 4<br/> bytes, and is not following 4-byte alignment boundary guidelines, it<br/> causes a buffer over-read threat, leading to a system crash. This flaw<br/> allowed a local attacker with user privileges to cause a denial of<br/> service (bnc#1173265).<br/> - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed<br/> (bnc#1172999).<br/> - CVE-2020-14416: A race condition in tty-&gt;disc_data handling in the slip<br/> and slcan line discipline could lead to a use-after-free, aka<br/> CID-0ace17d56824. This affects drivers/net/slip/slip.c and<br/> drivers/net/can/slcan.c (bnc#1162002).<br/> - CVE-2020-10768: Indirect branch speculation could have been enabled<br/> after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.<br/> (bnc#1172783).<br/> - CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux<br/> scheduler logical bug allows an attacker to turn off the SSBD<br/> protection. (bnc#1172781).<br/> - CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled<br/> when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782).<br/> - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if<br/> k_ascii is called several times in a row, aka CID-b86dab054059<br/> (bnc#1172775).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-26T10:18:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174729",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2020-August/007214.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2020-August/007214.html\" TARGET=\"_blank\">SUSE-SU-2020:2106-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2020:2106-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2020:2106-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2020-August/007214.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-8019",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8019"

}

},

"DIAGNOSIS": "<br/><br/> This update for syslog-ng fixes the following issues:<br/><br/> - CVE-2020-8019: Fixed a local privilege escalation during package update<br/> (bsc#1169385).<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174734",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "syslog-ng",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2020-May/006804.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for syslog-ng (SUSE-SU-2020:1221-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2020:1221-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2020-May/006804.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27803",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803"

}

},

"DIAGNOSIS": "<br/><br/> This update for wpa_supplicant fixes the following issues:<br/><br/> - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability<br/> (bsc#1182805).<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174736",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "wpa_supplicant",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008439.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for wpa_supplicant (SUSE-SU-2021:0721-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0721-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008439.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23960",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23960"

},

{

"ID": "CVE-2021-23964",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23964"

},

{

"ID": "CVE-2021-23954",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23954"

},

{

"ID": "CVE-2021-23953",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23953"

},

{

"ID": "CVE-2020-26976",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26976"

}

]

},

"DIAGNOSIS": "<br/><br/> This update for MozillaFirefox fixes the following issues:<br/><br/> - Firefox Extended Support Release 78.7.0 ESR (MFSA 2021-04, bsc#1181414)<br/> * CVE-2021-23953: Fixed a Cross-origin information leakage via<br/> redirected PDF requests<br/> * CVE-2021-23954: Fixed a type confusion when using logical assignment<br/> operators in JavaScript switch statements<br/> * CVE-2020-26976: Fixed an issue where HTTPS pages could have been<br/> intercepted by a registered service worker when they should not have<br/> been<br/> * CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared<br/> JavaScript variables during GC<br/> * CVE-2021-23964: Fixed Memory safety bugs<br/><br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174740",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "firefox",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-January/008257.html to address this issue and obtain further details.",

"TITLE": "SUSE Enterprise Linux Security update for MozillaFirefox (SUSE-SU-2021:0246-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0246-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008257.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-35518",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518"

}

},

"DIAGNOSIS": "This update for 389-ds fixes the following issues:<br/><br/> - 389-ds was updated to version 1.4.3.19<br/> - CVE-2020-35518: Fixed an information disclosure during the binding of<br/> a DN (bsc#1181159).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174763",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "389-ds",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008440.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008440.html\" TARGET=\"_blank\">SUSE-SU-2021:0724-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for 389-ds (SUSE-SU-2021:0724-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0724-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008440.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2020-12362",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362"

},

{

"ID": "CVE-2020-12373",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12373"

},

{

"ID": "CVE-2020-12363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2020-12364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 15 SP2 kernel Azure was updated to receive<br/> various security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747). by remote attackers to read or write<br/> files via directory traversal in an XCOPY request (bsc#178372).<br/> - CVE-2020-12362: Fixed an integer overflow in the firmware which may have<br/> allowed a privileged user to potentially enable an escalation of<br/> privilege via local access (bsc#1181720).<br/> - CVE-2020-12363: Fixed an improper input validation which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181735).<br/> - CVE-2020-12364: Fixed a null pointer reference which may have allowed a<br/> privileged user to potentially enable a denial of service via local<br/> access (bsc#1181736 ).<br/> - CVE-2020-12373: Fixed an expired pointer dereference which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181738).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174764",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008445.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008445.html\" TARGET=\"_blank\">SUSE-SU-2021:0738-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2021:0738-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0738-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008445.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2020-12362",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362"

},

{

"ID": "CVE-2020-12373",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12373"

},

{

"ID": "CVE-2020-12363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2020-12364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various<br/> security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747). by remote attackers to read or write<br/> files via directory traversal in an XCOPY request (bsc#178372).<br/> - CVE-2020-12362: Fixed an integer overflow in the firmware which may have<br/> allowed a privileged user to potentially enable an escalation of<br/> privilege via local access (bsc#1181720).<br/> - CVE-2020-12363: Fixed an improper input validation which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181735).<br/> - CVE-2020-12364: Fixed a null pointer reference which may have allowed a<br/> privileged user to potentially enable a denial of service via local<br/> access (bsc#1181736 ).<br/> - CVE-2020-12373: Fixed an expired pointer dereference which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181738).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174768",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008450.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008450.html\" TARGET=\"_blank\">SUSE-SU-2021:0735-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2021:0735-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0735-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008450.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2020-12362",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362"

},

{

"ID": "CVE-2020-12373",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12373"

},

{

"ID": "CVE-2020-12363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2020-12364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various<br/> security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747). by remote attackers to read or write<br/> files via directory traversal in an XCOPY request (bsc#178372).<br/> - CVE-2020-12362: Fixed an integer overflow in the firmware which may have<br/> allowed a privileged user to potentially enable an escalation of<br/> privilege via local access (bsc#1181720).<br/> - CVE-2020-12363: Fixed an improper input validation which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181735).<br/> - CVE-2020-12364: Fixed a null pointer reference which may have allowed a<br/> privileged user to potentially enable a denial of service via local<br/> access (bsc#1181736 ).<br/> - CVE-2020-12373: Fixed an expired pointer dereference which may have<br/> allowed a privileged user to potentially enable a denial of service via<br/> local access (bsc#1181738).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174770",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008452.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008452.html\" TARGET=\"_blank\">SUSE-SU-2021:0741-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2021:0741-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0741-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008452.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 15 SP1 kernel was updated receive various<br/> security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747). by remote attackers to read or write<br/> files via directory traversal in an XCOPY request (bsc#178372).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174772",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008455.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008455.html\" TARGET=\"_blank\">SUSE-SU-2021:0737-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2021:0737-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0737-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008455.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 15 kernel was updated to receive various<br/> security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747). by remote attackers to read or write<br/> files via directory traversal in an XCOPY request (bsc#178372).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174774",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008458.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008458.html\" TARGET=\"_blank\">SUSE-SU-2021:0740-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2021:0740-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0740-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008458.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21300",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300"

}

},

"DIAGNOSIS": "This update for git fixes the following issues:<br/><br/> - On case-insensitive filesystems, with support for symbolic links, if Git<br/> is configured globally to apply delay-capable clean/smudge filters (such<br/> as Git LFS), Git could be fooled into running remote code during a<br/> clone. (bsc#1183026, CVE-2021-21300)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174776",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "git",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008461.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008461.html\" TARGET=\"_blank\">SUSE-SU-2021:0757-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for git (SUSE-SU-2021:0757-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0757-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008461.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36222",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222"

},

{

"ID": "CVE-2020-36224",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224"

},

{

"ID": "CVE-2020-36228",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228"

},

{

"ID": "CVE-2020-36225",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225"

},

{

"ID": "CVE-2020-36223",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223"

},

{

"ID": "CVE-2020-36229",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229"

},

{

"ID": "CVE-2020-36227",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227"

},

{

"ID": "CVE-2021-27212",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212"

},

{

"ID": "CVE-2020-36230",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230"

},

{

"ID": "CVE-2020-36226",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226"

},

{

"ID": "CVE-2020-36221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221"

}

]

},

"DIAGNOSIS": "This update for openldap2 fixes the following issues:<br/><br/> - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509<br/> DN parsing in decode.c ber_next_element, resulting in denial<br/> of service.<br/> - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN<br/> parsing in ad_keystring, resulting in denial of service.<br/> - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the<br/> Certificate List Exact Assertion processing, resulting in denial of<br/> service.<br/> - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the<br/> cancel_extop Cancel operation, resulting in denial of service.<br/> - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the<br/> saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the<br/> saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182415 CVE-2020-36226 - memch-&gt;bv_len miscalculation and slapd<br/> crash in the saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the<br/> saslAuthzTo validation, resulting in denial of service.<br/> - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact<br/> Assertion processing, resulting in denial of service (schema_init.c<br/> serialNumberAndIssuerCheck).<br/> - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter<br/> control handling, resulting in denial of service (double free and<br/> out-of-bounds read).<br/> - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in<br/> the issuerAndThisUpdateCheck function via a crafted packet, resulting in<br/> a denial of service (daemon exit) via a short timestamp. This is related<br/> to schema_init.c and checkTime.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174780",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "openldap2",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008431.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008431.html\" TARGET=\"_blank\">SUSE-SU-2021:0692-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for openldap2 (SUSE-SU-2021:0692-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0692-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008431.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36222",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222"

},

{

"ID": "CVE-2020-36224",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224"

},

{

"ID": "CVE-2020-36228",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228"

},

{

"ID": "CVE-2020-36225",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225"

},

{

"ID": "CVE-2020-36223",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223"

},

{

"ID": "CVE-2020-36229",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229"

},

{

"ID": "CVE-2020-36227",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227"

},

{

"ID": "CVE-2021-27212",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212"

},

{

"ID": "CVE-2020-36230",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230"

},

{

"ID": "CVE-2020-36226",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226"

},

{

"ID": "CVE-2020-36221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221"

}

]

},

"DIAGNOSIS": "This update for openldap2 fixes the following issues:<br/><br/> - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509<br/> DN parsing in decode.c ber_next_element, resulting in denial<br/> of service.<br/> - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN<br/> parsing in ad_keystring, resulting in denial of service.<br/> - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the<br/> Certificate List Exact Assertion processing, resulting in denial of<br/> service.<br/> - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the<br/> cancel_extop Cancel operation, resulting in denial of service.<br/> - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the<br/> saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the<br/> saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182415 CVE-2020-36226 - memch-&gt;bv_len miscalculation and slapd<br/> crash in the saslAuthzTo processing, resulting in denial of service.<br/> - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the<br/> saslAuthzTo validation, resulting in denial of service.<br/> - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact<br/> Assertion processing, resulting in denial of service (schema_init.c<br/> serialNumberAndIssuerCheck).<br/> - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter<br/> control handling, resulting in denial of service (double free and<br/> out-of-bounds read).<br/> - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in<br/> the issuerAndThisUpdateCheck function via a crafted packet, resulting in<br/> a denial of service (daemon exit) via a short timestamp. This is related<br/> to schema_init.c and checkTime.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174783",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "openldap2",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008438.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008438.html\" TARGET=\"_blank\">SUSE-SU-2021:0723-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for openldap2 (SUSE-SU-2021:0723-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0723-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008438.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23840",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840"

},

{

"ID": "CVE-2021-23841",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841"

}

]

},

"DIAGNOSIS": "This update for openssl-1_1 fixes the following issues:<br/><br/> - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)<br/> - CVE-2021-23841: Fixed a Null pointer dereference in<br/> X509_issuer_and_serial_hash() (bsc#1182331)<br/> - Fixed unresolved error codes in FIPS (bsc#1182959).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:16:03Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174786",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "openssl-1_1",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008453.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008453.html\" TARGET=\"_blank\">SUSE-SU-2021:0754-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for Open Secure Sockets Layer (OpenSSL-1_1) (SUSE-SU-2021:0754-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0754-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008453.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23840",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840"

},

{

"ID": "CVE-2021-23841",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841"

}

]

},

"DIAGNOSIS": "This update for openssl-1_0_0 fixes the following issues:<br/><br/> - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)<br/> - CVE-2021-23841: Fixed a Null pointer dereference in<br/> X509_issuer_and_serial_hash() (bsc#1182331)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:35:20Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174789",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "openssl-1_0_0",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008473.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008473.html\" TARGET=\"_blank\">SUSE-SU-2021:0769-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for Open Secure Sockets Layer (OpenSSL-1_0_0) (SUSE-SU-2021:0769-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0769-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008473.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20230",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20230"

}

},

"DIAGNOSIS": "This update for stunnel fixes the following issues:<br/><br/> - Security fix: [bsc#1177580, bsc#1182529, CVE-2021-20230]<br/> * &quot;redirect&quot; option does not properly handle &quot;verifyChain = yes&quot;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174790",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "stunnel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008483.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008483.html\" TARGET=\"_blank\">SUSE-SU-2021:0772-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for stunnel (SUSE-SU-2021:0772-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0772-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008483.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27219",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27219"

},

{

"ID": "CVE-2021-27218",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27218"

}

]

},

"DIAGNOSIS": "This update for glib2 fixes the following issues:<br/><br/> - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores<br/> in a guint, this patch will refuse if the length is larger than guint.<br/> (bsc#1182328)<br/> - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads<br/> into an integer overflow, so add a g_memdup2 function which uses gsize<br/> to replace it. (bsc#1182362)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174791",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "glib2",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008486.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008486.html\" TARGET=\"_blank\">SUSE-SU-2021:0778-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for glib2 (SUSE-SU-2021:0778-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0778-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008486.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23840",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840"

},

{

"ID": "CVE-2021-23841",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841"

}

]

},

"DIAGNOSIS": "This update for compat-openssl098 fixes the following issues:<br/><br/> - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)<br/> - CVE-2021-23841: Fixed a Null pointer dereference in<br/> X509_issuer_and_serial_hash() (bsc#1182331)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T21:10:37Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174794",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "compat-openssl098",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008492.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008492.html\" TARGET=\"_blank\">SUSE-SU-2021:0793-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for Compat-Open Secure Sockets Layer (compat-OpenSSL098) (SUSE-SU-2021:0793-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0793-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008492.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27746",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27746"

},

{

"ID": "CVE-2016-10030",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10030"

},

{

"ID": "CVE-2019-12838",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12838"

},

{

"ID": "CVE-2019-6438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6438"

},

{

"ID": "CVE-2018-7033",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7033"

},

{

"ID": "CVE-2018-10995",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10995"

},

{

"ID": "CVE-2020-27745",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27745"

},

{

"ID": "CVE-2019-19727",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19727"

},

{

"ID": "CVE-2020-12693",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12693"

},

{

"ID": "CVE-2017-15566",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15566"

},

{

"ID": "CVE-2019-19728",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19728"

}

]

},

"DIAGNOSIS": "This update for pdsh fixes the following issues:<br/><br/> - Preparing pdsh for Slurm 20.11 (jsc#ECO-2412)<br/> - Simplify convoluted condition.<br/><br/> This update for slurm fixes the following issues:<br/><br/> - Fix potential buffer overflows from use of unpackmem(). CVE-2020-27745<br/> (bsc#1178890)<br/> - Fix potential leak of the magic cookie when sent as an argument to the<br/> xauth command. CVE-2020-27746 (bsc#1178891)<br/> - Add support for openPMIx also for Leap/SLE 15.0/1 (bsc#1173805).<br/> - Updated to 20.02.3 which fixes CVE-2020-12693 (bsc#1172004).<br/> - slurm-plugins will now also require pmix not only libpmix (bsc#1164326)<br/> - Removed autopatch as it doesn't work for the SLE-11-SP4 build.<br/> - Disable %arm builds as this is no longer supported.<br/> - pmix searches now also for libpmix.so.2 so that there is no dependency<br/> for devel package (bsc#1164386)<br/> - Update to version 20.02.0 (jsc#SLE-8491)<br/> * Fix minor memory leak in slurmd on reconfig.<br/> * Fix invalid ptr reference when rolling up data in the database.<br/> * Change shtml2html.py to require python3 for RHEL8 support, and match<br/> man2html.py.<br/> * slurm.spec - override &quot;hardening&quot; linker flags to ensure RHEL8 builds<br/> in a usable manner.<br/> * Fix type mismatches in the perl API.<br/> * Prevent use of uninitialized slurmctld_diag_stats.<br/> * Fixed various Coverity issues.<br/> * Only show warning about root-less topology in daemons.<br/> * Fix accounting of jobs in IGNORE_JOBS reservations.<br/> * Fix issue with batch steps state not loading correctly when upgrading<br/> from 19.05.<br/> * Deprecate max_depend_depth in SchedulerParameters and move it to<br/> DependencyParameters.<br/> * Silence erroneous error on slurmctld upgrade when loading federation<br/> state.<br/> * Break infinite loop in cons_tres dealing with incorrect tasks per tres<br/> request resulting in slurmctld hang.<br/> * Improve handling of --gpus-per-task to make sure appropriate number of<br/> GPUs is assigned to job.<br/> * Fix seg fault on cons_res when requesting --spread-job.<br/><br/> - Move to python3 for everything but SLE-11-SP4<br/> * For SLE-11-SP4 add a workaround to handle a python3 script (python2.7<br/> compliant).<br/><br/> * sbatch - fix segfault when no newline at the end of a burst buffer<br/> file.<br/> * Change scancel to only check job's base state when matching -t options.<br/> * Save job dependency list in state files.<br/> * cons_tres - allow jobs to be run on systems with root-less topologies.<br/> * Restore pre-20.02pre1 PrologSlurmctld synchonization behavior to avoid<br/> various race conditions, and ensure proper batch job launch.<br/> * Add new slurmrestd command/daemon which implements the Slurm REST API.<br/><br/> - standard slurm.conf uses now also SlurmctldHost on all build targets<br/> (bsc#1162377)<br/><br/> - start slurmdbd after mariadb (bsc#1161716)<br/><br/> - Update to version 19.05.5 (jsc#SLE-8491)<br/> * Includes security fixes CVE-2019-19727, CVE-2019-19728, CVE-2019-12838.<br/> * Disable i586 builds as this is no longer supported.<br/> * Create libnss_slurm package to support user and group resolution thru<br/> slurmstepd.<br/><br/> - Update to v18.08.9 for fixing CVE-2019-19728 (bsc#1159692).<br/> * Make Slurm compile on linux after sys/sysctl.h was deprecated.<br/> * Install slurmdbd.conf.example with 0600 permissions to encourage<br/> secure use. CVE-2019-19727.<br/> * srun - do not continue with job launch if --uid fails. CVE-2019-19728.<br/><br/> - added pmix support jsc#SLE-10800<br/><br/> - Use --with-shared-libslurm to build slurm binaries using libslurm.<br/> - Make libslurm depend on slurm-config.<br/><br/> - Fix ownership of /var/spool/slurm on new installations and upgrade<br/> (bsc#1158696).<br/><br/> - Fi[...]",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174796",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "slurm_20_11 and pdsh",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008484.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008484.html\" TARGET=\"_blank\">SUSE-SU-2021:0773-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for slurm_20_11 and pdsh (SUSE-SU-2021:0773-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0773-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008484.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-25316",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25316"

}

},

"DIAGNOSIS": "This update for s390-tools fixes the following issues:<br/><br/> - Fixed an issue where IPL was not working when bootloader was installed<br/> on a SCSI disk with 4k physical blocksize without using a devicemapper<br/> target (bsc#1183041).<br/> - CVE-2021-25316: Do not use predictable temporary file names<br/> (bsc#1182777).<br/> - Made the name of the temporary configuration file in /tmp/ unpredictable<br/> (bsc#1182876).<br/> - Changing the scheduler from &quot;deadline&quot; to the newly created<br/> &quot;mq-deadline&quot; scheduler (bsc#1176574)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-09T05:09:14Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174798",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "s390-tools",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008490.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008490.html\" TARGET=\"_blank\">SUSE-SU-2021:0777-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for s390-tools (SUSE-SU-2021:0777-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0777-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008490.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-13936",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936"

}

},

"DIAGNOSIS": "This update for velocity fixes the following issues:<br/><br/> - CVE-2020-13936: Fixed an arbitrary code execution when attacker is able<br/> to modify templates (bsc#1183360).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174799",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "velocity",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008494.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008494.html\" TARGET=\"_blank\">SUSE-SU-2021:0800-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for velocity (SUSE-SU-2021:0800-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0800-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008494.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-23336",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336"

}

},

"DIAGNOSIS": "This update for python fixes the following issues:<br/><br/> - python27 was upgraded to 2.7.18<br/> - CVE-2021-23336: Fixed a potential web cache poisoning by using a<br/> semicolon in query parameters use of semicolon as a query string<br/> separator (bsc#1182379).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174803",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "python",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security\n Update use YaST online_update. Alternatively you can run the command listed for your product.\n \n To install packages using the command line interface, use command &quot;yum update&quot;.\n \n Refer to Suse security advisory: https://lists.suse.com/pipermail/sle-security-updates/2021-March/008475.html to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008475.html\" TARGET=\"_blank\">SUSE-SU-2021:0768-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security update for python (SUSE-SU-2021:0768-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0768-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008475.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-26572",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26572"

},

{

"ID": "CVE-2019-15946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15946"

},

{

"ID": "CVE-2020-26570",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26570"

},

{

"ID": "CVE-2020-26571",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26571"

},

{

"ID": "CVE-2019-19479",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19479"

},

{

"ID": "CVE-2019-15945",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15945"

}

]

},

"DIAGNOSIS": "This update for opensc fixes the following issues:<br/><br/> - CVE-2020-26571: gemsafe GPK smart card software driver stack-based<br/> buffer overflow (bsc#1177380)<br/> - CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string in<br/> asn1_decode_entry (bsc#1149747)<br/> - CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring in<br/> decode_bit_string (bsc#1149746)<br/> - CVE-2019-19479: incorrect read operation during parsing of a SETCOS file<br/> attribute (bsc#1158256)<br/> - CVE-2020-26572: Prevent out of bounds write (bsc#1177378)<br/> - CVE-2020-26570: Fix buffer overflow in sc_oberthur_read_file<br/> (bsc#1177364)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174870",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "opensc",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008574.html\" TARGET=\"_blank\">SUSE-SU-2021:0998-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008574.html\" TARGET=\"_blank\">SUSE-SU-2021:0998-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for opensc (SUSE-SU-2021:0998-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0998-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008574.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-12658",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12658"

}

},

"DIAGNOSIS": "This update for gssproxy fixes the following issues:<br/><br/> - CVE-2020-12658: Fixed an issue where gssproxy was not unlocking<br/> cond_mutex before pthread exit in gp_worker_main() (bsc#1180515).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:30:04Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "174872",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "gssproxy",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008587.html\" TARGET=\"_blank\">SUSE-SU-2021:1030-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008587.html\" TARGET=\"_blank\">SUSE-SU-2021:1030-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for gssproxy (SUSE-SU-2021:1030-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1030-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008587.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-25645",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25645"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2020-1749",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1749"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2020-0429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0429"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "This update for the Linux Kernel 4.4.180-94_141 fixes several issues.<br/><br/> The following security issues were fixed:<br/><br/> - CVE-2021-27365: Fixed an issue where data structures did not have<br/> appropriate length constraints or checks, and could exceed the PAGE_SIZE<br/> value (bsc#1183491).<br/> - CVE-2021-27363: Fixed a kernel pointer leak which could have been used<br/> to determine the address of the iscsi_transport structure (bsc#1183120).<br/> - CVE-2021-27364: Fixed an issue where an unprivileged user could craft<br/> Netlink messages (bsc#1182717).<br/> - CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between<br/> two Geneve endpoints to be unencrypted (bsc#1177513).<br/> - CVE-2020-0429: Fixed a memory corruption due to a use after free which<br/> could have led to local escalation of privilege with System execution<br/> privileges needed (bsc#1176931).<br/> - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup<br/> (bsc#1165631).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "174874",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008590.html\" TARGET=\"_blank\">SUSE-SU-2021:1074-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008590.html\" TARGET=\"_blank\">SUSE-SU-2021:1074-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (SUSE-SU-2021:1074-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1074-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008590.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3308",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3308"

},

{

"ID": "CVE-2020-28368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28368"

},

{

"ID": "CVE-2021-28687",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28687"

},

{

"ID": "CVE-2021-20257",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257"

}

]

},

"DIAGNOSIS": "This update for xen fixes the following issues:<br/><br/> - CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 (bsc#1181254, XSA-360)<br/> - CVE-2021-28687: VUL-0: xen: HVM soft-reset crashes toolstack<br/> (bsc#1183072, XSA-368)<br/> - CVE-2021-20257: VUL-0: xen: infinite loop issue in the e1000 NIC<br/> emulator (bsc#1182846)<br/> - CVE-2020-28368: VUL-0: xen: Intel RAPL sidechannel attack aka PLATYPUS<br/> attack aka (bsc#1178591, XSA-351)<br/> - L3: conring size for XEN HV's with huge memory to small. Inital Xen logs<br/> cut (bsc#1177204)<br/> - Kdump of HVM fails, soft-reset not handled by libxl (bsc#1179148)<br/> - OpenQA job causes libvirtd to dump core when running kdump inside domain<br/> (bsc#1181989)<br/> - Allow restart of xenwatchdogd, enable tuning of keep-alive interval and<br/> timeout<br/> options via XENWATCHDOGD_ARGS= (bsc#1178736)<br/> - The receiving side did detect holes in a to-be-allocated superpage, but<br/> allocated a superpage anyway. This resulted to over-allocation<br/> (bsc#1177112)<br/> - The receiving side may punch holes incorrectly into optimistically<br/> allocated superpages. Also reduce overhead in bitmap handling<br/> (bsc#1177112)<br/> - Upstream bug fixes (bsc#1027519)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:30:09Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "174875",

"SEVERITY_LEVEL": "1",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xen",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008585.html\" TARGET=\"_blank\">SUSE-SU-2021:1023-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008585.html\" TARGET=\"_blank\">SUSE-SU-2021:1023-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:1023-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1023-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008585.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"DIAGNOSIS": "This update for fwupdate fixes the following issues:<br/><br/> - Add SBAT section to EFI images (bsc#1182057)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:05:59Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "174880",

"SEVERITY_LEVEL": "1",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "suse_enterprise_linux",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008597.html\" TARGET=\"_blank\">SUSE-SU-2021:1103-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008597.html\" TARGET=\"_blank\">SUSE-SU-2021:1103-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for fwupdate (SUSE-SU-2021:1103-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1103-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008597.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"DIAGNOSIS": "This update for fwupdate fixes the following issues:<br/><br/> - Add SBAT section to EFI images (bsc#1182057)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:05:47Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "174882",

"SEVERITY_LEVEL": "1",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "suse_enterprise_linux",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008599.html\" TARGET=\"_blank\">SUSE-SU-2021:1104-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008599.html\" TARGET=\"_blank\">SUSE-SU-2021:1104-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for fwupdate (SUSE-SU-2021:1104-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1104-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008599.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"DIAGNOSIS": "This update for fwupdate fixes the following issues:<br/><br/> - Add SBAT section to EFI images (bsc#1182057)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:05:41Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "174883",

"SEVERITY_LEVEL": "1",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "suse_enterprise_linux",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008600.html\" TARGET=\"_blank\">SUSE-SU-2021:1111-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008600.html\" TARGET=\"_blank\">SUSE-SU-2021:1111-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for fwupdate (SUSE-SU-2021:1111-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1111-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008600.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-29136",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29136"

}

},

"DIAGNOSIS": "This update for umoci fixes the following issues:<br/><br/> - Update to umoci v0.4.6.<br/> - CVE-2021-29136: malicious layer allows overwriting of host files<br/> (bsc#1184147)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:05:07Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "174885",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "umoci",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008608.html\" TARGET=\"_blank\">SUSE-SU-2021:1116-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008608.html\" TARGET=\"_blank\">SUSE-SU-2021:1116-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for umoci (SUSE-SU-2021:1116-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1116-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008608.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-30004",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004"

}

},

"DIAGNOSIS": "This update for wpa_supplicant fixes the following issues:<br/><br/> - CVE-2021-30004: Fixed an issue where forging attacks might have occured<br/> because AlgorithmIdentifier parameters were mishandled in tls/pkcs1.c<br/> and tls/x509v3.c (bsc#1184348)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T11:33:21Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "174886",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "wpa_supplicant",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008610.html\" TARGET=\"_blank\">SUSE-SU-2021:1125-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008610.html\" TARGET=\"_blank\">SUSE-SU-2021:1125-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for wpa_supplicant (SUSE-SU-2021:1125-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1125-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008610.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-12420",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420"

},

{

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

]

},

"DIAGNOSIS": "This update for spamassassin fixes the following issues:<br/><br/> - spamassassin was updated to version 3.4.5<br/> - CVE-2019-12420: memory leak via crafted messages (bsc#1159133)<br/> - CVE-2020-1946: security update (bsc#1184221)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174887",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "spamassassin",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008613.html\" TARGET=\"_blank\">SUSE-SU-2021:1152-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008613.html\" TARGET=\"_blank\">SUSE-SU-2021:1152-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for spamassassin (SUSE-SU-2021:1152-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1152-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008613.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-12420",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420"

},

{

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

]

},

"DIAGNOSIS": "This update for spamassassin fixes the following issues:<br/><br/> - CVE-2019-12420: memory leak via crafted messages (bsc#1159133)<br/> - CVE-2020-1946: security update (bsc#1184221)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T10:04:35Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174888",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "spamassassin",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008614.html\" TARGET=\"_blank\">SUSE-SU-2021:1153-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008614.html\" TARGET=\"_blank\">SUSE-SU-2021:1153-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for spamassassin (SUSE-SU-2021:1153-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1153-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008614.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20208",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20208"

}

},

"DIAGNOSIS": "This update for cifs-utils fixes the following issues:<br/><br/> - CVE-2021-20208: Fixed a potential kerberos auth leak escaping from<br/> container (bsc#1183239)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:38Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:38Z",

"QID": "174890",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "cifs-utils",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008617.html\" TARGET=\"_blank\">SUSE-SU-2021:1159-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008617.html\" TARGET=\"_blank\">SUSE-SU-2021:1159-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for cifs-utils (SUSE-SU-2021:1159-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1159-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008617.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-13987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13987"

},

{

"ID": "CVE-2020-17437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17437"

},

{

"ID": "CVE-2020-17438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17438"

},

{

"ID": "CVE-2020-13988",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13988"

}

]

},

"DIAGNOSIS": "This update for open-iscsi fixes the following issues:<br/><br/> - CVE-2020-17437: uIP Out-of-Bounds Write (bsc#1179908)<br/> - CVE-2020-17438: uIP Out-of-Bounds Write (bsc#1179908)<br/> - CVE-2020-13987: uIP Out-of-Bounds Read (bsc#1179908)<br/> - CVE-2020-13988: uIP Integer Overflow (bsc#1179908)<br/> - Enabled no-wait (&quot;-W&quot;) iscsiadm option for iscsi login service<br/> (bsc#1173886, bsc#1183421)<br/> - Added the ability to perform async logins (bsc#1173886)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174892",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "open-iscsi",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008619.html\" TARGET=\"_blank\">SUSE-SU-2021:1164-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008619.html\" TARGET=\"_blank\">SUSE-SU-2021:1164-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for open-iscsi (SUSE-SU-2021:1164-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1164-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008619.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-12420",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420"

},

{

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

]

},

"DIAGNOSIS": "This update for spamassassin fixes the following issues:<br/><br/> - CVE-2019-12420: memory leak via crafted messages (bsc#1159133)<br/> - CVE-2020-1946: security update (bsc#1184221)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174894",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "spamassassin",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008622.html\" TARGET=\"_blank\">SUSE-SU-2021:1163-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008622.html\" TARGET=\"_blank\">SUSE-SU-2021:1163-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for spamassassin (SUSE-SU-2021:1163-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1163-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008622.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-29562",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562"

},

{

"ID": "CVE-2020-27618",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618"

},

{

"ID": "CVE-2020-29573",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29573"

}

]

},

"DIAGNOSIS": "This update for glibc fixes the following issues:<br/><br/> - CVE-2020-27618: Accept redundant shift sequences in IBM1364 (bsc#1178386)<br/> - CVE-2020-29562: Fix incorrect UCS4 inner loop bounds (bsc#1179694)<br/> - CVE-2020-29573: Harden printf against non-normal long double values<br/> (bsc#1179721)<br/> - Check vector support in memmove ifunc-selector (bsc#1184034)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174895",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "glibc",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008623.html\" TARGET=\"_blank\">SUSE-SU-2021:1165-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008623.html\" TARGET=\"_blank\">SUSE-SU-2021:1165-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for glibc (SUSE-SU-2021:1165-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1165-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008623.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-29264",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29264"

},

{

"ID": "CVE-2021-28964",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28964"

},

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2021-28971",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28971"

},

{

"ID": "CVE-2021-29647",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29647"

},

{

"ID": "CVE-2021-3428",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3428"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2020-35519",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35519"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2020-29374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374"

},

{

"ID": "CVE-2021-3444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3444"

},

{

"ID": "CVE-2021-28038",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28038"

},

{

"ID": "CVE-2021-28972",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28972"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2020-27815",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27815"

},

{

"ID": "CVE-2020-29368",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29368"

},

{

"ID": "CVE-2021-28688",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28688"

},

{

"ID": "CVE-2021-29265",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29265"

},

{

"ID": "CVE-2020-0433",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0433"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-28660",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28660"

}

]

},

"DIAGNOSIS": "The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive<br/> various security and bugfixes.<br/><br/> The following security bugs were fixed:<br/><br/> - CVE-2021-3444: Fixed an issue with the bpf verifier which did not<br/> properly handle mod32 destination register truncation when the source<br/> register was known to be 0 leading to out of bounds read (bsc#1184170).<br/> - CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent<br/> (bsc#1173485).<br/> - CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed<br/> attackers to obtain sensitive information from kernel memory because of<br/> a partially uninitialized data structure (bsc#1184192 ).<br/> - CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have<br/> allowed attackers to cause a denial of service due to race conditions<br/> during an update of the local and shared status (bsc#1184167).<br/> - CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver<br/> which could have allowed attackers to cause a system crash due to a<br/> calculation of negative fragment size (bsc#1184168).<br/> - CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a<br/> new device name to the driver from userspace, allowing userspace to<br/> write data to the kernel stack frame directly (bsc#1184198).<br/> - CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could<br/> have caused a system crash because the PEBS status in a PEBS record was<br/> mishandled (bsc#1184196 ).<br/> - CVE-2021-28964: Fixed a race condition in get_old_root which could have<br/> allowed attackers to cause a denial of service (bsc#1184193).<br/> - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).<br/> - CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan<br/> (bsc#1183593 ).<br/> - CVE-2021-28038: Fixed an issue with the netback driver which was lacking<br/> necessary treatment of errors such as failed memory allocations<br/> (bsc#1183022).<br/> - CVE-2021-27365: Fixed an issue where an unprivileged user can send a<br/> Netlink message that is associated with iSCSI, and has a length up to<br/> the maximum length of a Netlink message (bsc#1182715).<br/> - CVE-2021-27364: Fixed an issue where an attacker could craft Netlink<br/> messages (bsc#1182717).<br/> - CVE-2021-27363: Fixed a kernel pointer leak which could have been used<br/> to determine the address of the iscsi_transport structure (bsc#1182716).<br/> - CVE-2020-35519: Fixed an out-of-bounds memory access was found in<br/> x25_bind (bsc#1183696).<br/> - CVE-2020-27815: Fixed an issue in JFS filesystem where could have<br/> allowed an attacker to execute code (bsc#1179454).<br/> - CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds<br/> speculation on pointer arithmetic, leading to side-channel attacks that<br/> defeat Spectre mitigations and obtain sensitive information from kernel<br/> memory (bsc#1183775).<br/> - CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre<br/> mitigations and obtain sensitive information from kernel memory<br/> (bsc#1183686).<br/> - CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).<br/> - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).<br/> - CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747).<br/> - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access because<br/> of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).<br/> - CVE-2020-0433: Fixed a use after free due to improper locking which<br/> could have led to local escalation of privilege (bsc#1176720).<br/><br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174897",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008625.html\" TARGET=\"_blank\">SUSE-SU-2021:1175-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008625.html\" TARGET=\"_blank\">SUSE-SU-2021:1175-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1175-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1175-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008625.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472"

}

},

"DIAGNOSIS": "This update for xorg-x11-server fixes the following issues:<br/><br/> - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege<br/> Escalation (bsc#1180128)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174898",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xorg-x11-server",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008628.html\" TARGET=\"_blank\">SUSE-SU-2021:1179-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008628.html\" TARGET=\"_blank\">SUSE-SU-2021:1179-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xorg-x11-server (SUSE-SU-2021:1179-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1179-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008628.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1405",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405"

},

{

"ID": "CVE-2021-1252",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252"

},

{

"ID": "CVE-2021-1404",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404"

}

]

},

"DIAGNOSIS": "This update for clamav fixes the following issues:<br/><br/> - CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)<br/> - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash.<br/> (bsc#1184533)<br/> - CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)<br/> - Fix errors when scanning files &gt; 4G (bsc#1181256)<br/> - Update clamav.keyring<br/> - Update to 0.103.2",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174899",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "clamav",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008629.html\" TARGET=\"_blank\">SUSE-SU-2021:1174-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008629.html\" TARGET=\"_blank\">SUSE-SU-2021:1174-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1174-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1174-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008629.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472"

}

},

"DIAGNOSIS": "This update for xorg-x11-server fixes the following issues:<br/><br/> - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege<br/> Escalation (bsc#1180128)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174900",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xorg-x11-server",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008630.html\" TARGET=\"_blank\">SUSE-SU-2021:1181-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008630.html\" TARGET=\"_blank\">SUSE-SU-2021:1181-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xorg-x11-server (SUSE-SU-2021:1181-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1181-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008630.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472"

}

},

"DIAGNOSIS": "This update for xorg-x11-server fixes the following issues:<br/><br/> - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege<br/> Escalation (bsc#1180128)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174901",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xorg-x11-server",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008631.html\" TARGET=\"_blank\">SUSE-SU-2021:1180-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008631.html\" TARGET=\"_blank\">SUSE-SU-2021:1180-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xorg-x11-server (SUSE-SU-2021:1180-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1180-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008631.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1405",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405"

},

{

"ID": "CVE-2021-1252",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252"

},

{

"ID": "CVE-2021-1404",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404"

}

]

},

"DIAGNOSIS": "This update for clamav fixes the following issues:<br/><br/> - CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)<br/> - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash.<br/> (bsc#1184533)<br/> - CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)<br/> - Fix errors when scanning files &gt; 4G (bsc#1181256)<br/> - Update clamav.keyring<br/> - Update to 0.103.2",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174903",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "clamav",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008636.html\" TARGET=\"_blank\">SUSE-SU-2021:1190-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008636.html\" TARGET=\"_blank\">SUSE-SU-2021:1190-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1190-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1190-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008636.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

},

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

}

]

},

"DIAGNOSIS": "This update for tomcat fixes the following issues:<br/><br/> - CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)<br/> - CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174905",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008569.html\" TARGET=\"_blank\">SUSE-SU-2021:0988-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008569.html\" TARGET=\"_blank\">SUSE-SU-2021:0988-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for tomcat (SUSE-SU-2021:0988-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0988-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008569.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

},

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

},

{

"ID": "CVE-2021-24122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122"

}

]

},

"DIAGNOSIS": "This update for tomcat fixes the following issues:<br/><br/> - Fixed CVEs:<br/> * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)<br/> * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)<br/> - Log if file access is blocked due to symlinks: CVE-2021-24122<br/> (bsc#1180947)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174906",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008570.html\" TARGET=\"_blank\">SUSE-SU-2021:0989-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008570.html\" TARGET=\"_blank\">SUSE-SU-2021:0989-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for tomcat (SUSE-SU-2021:0989-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0989-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008570.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2013-7484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7484"

},

{

"ID": "CVE-2021-27927",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27927"

}

]

},

"DIAGNOSIS": "This update for zabbix fixes the following issues:<br/><br/> - CVE-2021-27927: Fixed an improper CSRF protection mechanism<br/> (bsc#1183014).<br/> - CVE-2013-7484: Fixed an issue where passwords in the users table were<br/> unsalted (bsc#1158321).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174907",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "zabbix",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008571.html\" TARGET=\"_blank\">SUSE-SU-2021:0990-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008571.html\" TARGET=\"_blank\">SUSE-SU-2021:0990-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for zabbix (SUSE-SU-2021:0990-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0990-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008571.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28211",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28211"

},

{

"ID": "CVE-2021-28210",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28210"

}

]

},

"DIAGNOSIS": "This update for ovmf fixes the following issues:<br/><br/> - CVE-2021-28211: ovmf: edk2: possible heap corruption with<br/> LzmaUefiDecompressGetInfo (bsc#1183578)<br/> - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174908",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ovmf",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008572.html\" TARGET=\"_blank\">SUSE-SU-2021:0987-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008572.html\" TARGET=\"_blank\">SUSE-SU-2021:0987-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for ovmf (SUSE-SU-2021:0987-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0987-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008572.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

}

]

},

"DIAGNOSIS": "This update for MozillaFirefox fixes the following issues:<br/><br/> - Firefox was updated to 78.9.0 ESR (MFSA 2021-11, bsc#1183942)<br/> * CVE-2021-23981: Texture upload into an unbound backing buffer resulted<br/> in an out-of-bound read<br/> * CVE-2021-23982: Internal network hosts could have been probed by a<br/> malicious webpage<br/> * CVE-2021-23984: Malicious extensions could have spoofed popup<br/> information<br/> * CVE-2021-23987: Memory safety bugs",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174909",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "firefox",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008573.html\" TARGET=\"_blank\">SUSE-SU-2021:0999-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-March/008573.html\" TARGET=\"_blank\">SUSE-SU-2021:0999-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:0999-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:0999-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008573.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472"

}

},

"DIAGNOSIS": "This update for xorg-x11-server fixes the following issues:<br/><br/> - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege<br/> Escalation (bsc#1180128)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174910",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xorg-x11-server",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008637.html\" TARGET=\"_blank\">SUSE-SU-2021:1188-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008637.html\" TARGET=\"_blank\">SUSE-SU-2021:1188-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xorg-x11-server (SUSE-SU-2021:1188-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1188-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008637.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1405",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405"

},

{

"ID": "CVE-2021-1252",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252"

},

{

"ID": "CVE-2021-1404",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404"

}

]

},

"DIAGNOSIS": "This update for clamav fixes the following issues:<br/><br/> - CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)<br/> - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash.<br/> (bsc#1184533)<br/> - CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)<br/> - Fix errors when scanning files &gt; 4G (bsc#1181256)<br/> - Update clamav.keyring<br/> - Update to 0.103.2",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174911",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "clamav",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008638.html\" TARGET=\"_blank\">SUSE-SU-2021:1189-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008638.html\" TARGET=\"_blank\">SUSE-SU-2021:1189-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1189-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1189-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008638.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

},

{

"ID": "CVE-2021-24122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122"

},

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

}

]

},

"DIAGNOSIS": "This update for tomcat fixes the following issues:<br/><br/> - CVE-2021-24122: Fixed an information disclosure if resources are served<br/> from the NTFS file system (bsc#1180947).<br/> - CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)<br/> - CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174912",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008578.html\" TARGET=\"_blank\">SUSE-SU-2021:1009-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008578.html\" TARGET=\"_blank\">SUSE-SU-2021:1009-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for tomcat (SUSE-SU-2021:1009-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1009-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008578.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

}

]

},

"DIAGNOSIS": "This update for MozillaFirefox fixes the following issues:<br/><br/> - Firefox was updated to 78.9.0 ESR (MFSA 2021-11, bsc#1183942)<br/> * CVE-2021-23981: Texture upload into an unbound backing buffer resulted<br/> in an out-of-bound read<br/> * CVE-2021-23982: Internal network hosts could have been probed by a<br/> malicious webpage<br/> * CVE-2021-23984: Malicious extensions could have spoofed popup<br/> information<br/> * CVE-2021-23987: Memory safety bugs",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174913",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "firefox",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008579.html\" TARGET=\"_blank\">SUSE-SU-2021:1007-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008579.html\" TARGET=\"_blank\">SUSE-SU-2021:1007-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2021:1007-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1007-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008579.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"DIAGNOSIS": "This update for OpenIPMI fixes the following issues:<br/><br/> - Fixed an issue where OpenIPMI was creating non-position independent<br/> binaries (bsc#1183178).",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "174914",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "suse_enterprise_linux",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008580.html\" TARGET=\"_blank\">SUSE-SU-2021:1010-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008580.html\" TARGET=\"_blank\">SUSE-SU-2021:1010-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for OpenIPMI (SUSE-SU-2021:1010-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1010-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008580.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "SUSE",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472"

}

},

"DIAGNOSIS": "This update for xorg-x11-server fixes the following issues:<br/><br/> - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege<br/> Escalation (bsc#1180128)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "174915",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xorg-x11-server",

"VENDOR": "suse"

}

},

"SOLUTION": "Upgrade to the latest package which contains the patch. To install this SUSE Security,\n \nUpdate use YaST online_update. Alternatively you can run the command listed for your product.\n \nTo install packages using the command line interface, use command &quot;yum update&quot;.\n \nRefer to Suse security advisory: <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008639.html\" TARGET=\"_blank\">SUSE-SU-2021:1187-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.suse.com/pipermail/sle-security-updates/2021-April/008639.html\" TARGET=\"_blank\">SUSE-SU-2021:1187-1: SUSE Enterprise Linux</A>",

"TITLE": "SUSE Enterprise Linux Security Update for xorg-x11-server (SUSE-SU-2021:1187-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SUSE-SU-2021:1187-1",

"URL": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008639.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20270",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"

}

},

"DIAGNOSIS": "Debian has released security update for pygments to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178484",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00051.html\" TARGET=\"_blank\">DSA 4870-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00051.html\" TARGET=\"_blank\">DSA 4870-1: Debian</A>",

"TITLE": "Debian Security Update for pygments (DSA 4870-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4870-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00051.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28089",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28089"

},

{

"ID": "CVE-2021-28090",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28090"

}

]

},

"DIAGNOSIS": "Debian has released security update for tor to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178485",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00052.html\" TARGET=\"_blank\">DSA 4871-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00052.html\" TARGET=\"_blank\">DSA 4871-1: Debian</A>",

"TITLE": "Debian Security Update for tor (DSA 4871-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4871-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00052.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27291",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"

}

},

"DIAGNOSIS": "Debian has released security update for pygments to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T16:48:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178487",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian LTS Announce <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html\" TARGET=\"_blank\">DLA 2600-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html\" TARGET=\"_blank\">DLA 2600-1: Debian</A>",

"TITLE": "Debian Security Update for pygments (DLA 2600-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2600-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36277"

},

{

"ID": "CVE-2020-36278",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36278"

},

{

"ID": "CVE-2020-36279",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36279"

},

{

"ID": "CVE-2020-36281",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36281"

}

]

},

"DIAGNOSIS": "Debian has released security update for leptonlib to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T16:48:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178488",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian LTS Announce <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html\" TARGET=\"_blank\">DLA 2612-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html\" TARGET=\"_blank\">DLA 2612-1: Debian</A>",

"TITLE": "Debian Security Update for leptonlib (DLA 2612-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2612-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27291",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"

}

},

"DIAGNOSIS": "Debian has released security update for pygments to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178489",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00059.html\" TARGET=\"_blank\">DSA 4878-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00059.html\" TARGET=\"_blank\">DSA 4878-1: Debian</A>",

"TITLE": "Debian Security Update for pygments (DSA 4878-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4878-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00059.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28831",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831"

}

},

"DIAGNOSIS": "Debian has released security update for busybox to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178490",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian LTS Announce <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html\" TARGET=\"_blank\">DLA 2614-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html\" TARGET=\"_blank\">DLA 2614-1: Debian</A>",

"TITLE": "Debian Security Update for busybox (DLA 2614-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2614-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-10730",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730"

},

{

"ID": "CVE-2020-27840",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840"

},

{

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

]

},

"DIAGNOSIS": "Debian has released security update for ldb to fix the vulnerabilities.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178491",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00065.html\" TARGET=\"_blank\">DSA 4884-1</A> to address this issue and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00065.html\" TARGET=\"_blank\">DSA 4884-1: Debian</A>",

"TITLE": "Debian Security Update for ldb (DSA 4884-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4884-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00065.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-24122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

},

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

},

{

"ID": "CVE-2021-24122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

},

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

},

{

"ID": "CVE-2020-9494",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494"

},

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

}

]

},

"DIAGNOSIS": "Debian has released security update for tomcat8\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178492",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html\" TARGET=\"_blank\">DLA 2596-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html\" TARGET=\"_blank\">DLA 2596-1: Debian</A>",

"TITLE": "Debian Security Update for tomcat8 (DLA 2596-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2596-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-13936",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936"

}

},

"DIAGNOSIS": "Debian has released security update for velocity\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178493",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html\" TARGET=\"_blank\">DLA 2595-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html\" TARGET=\"_blank\">DLA 2595-1: Debian</A>",

"TITLE": "Debian Security Update for velocity (DLA 2595-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2595-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2017-12424",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12424"

},

{

"ID": "CVE-2017-20002",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20002"

},

{

"ID": "CVE-2017-20002",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20002"

},

{

"ID": "CVE-2017-12424",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12424"

}

]

},

"DIAGNOSIS": "Debian has released security update for shadow\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178494",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "shadow",

"VENDOR": "debian"

},

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html\" TARGET=\"_blank\">DLA 2596-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html\" TARGET=\"_blank\">DLA 2596-1: Debian</A>",

"TITLE": "Debian Security Update for shadow (DLA 2596-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2596-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-13959",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13959"

}

},

"DIAGNOSIS": "Debian has released security update for velocity-tools\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178495",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00021.html\" TARGET=\"_blank\">DLA 2597-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00021.html\" TARGET=\"_blank\">DLA 2597-1: Debian</A>",

"TITLE": "Debian Security Update for velocity-tools (DLA 2597-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2597-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00021.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-25097",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097"

}

},

"DIAGNOSIS": "Debian has released security update for squid3\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178496",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00022.html\" TARGET=\"_blank\">DLA 2598-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00022.html\" TARGET=\"_blank\">DLA 2598-1: Debian</A>",

"TITLE": "Debian Security Update for squid3 (DLA 2598-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2598-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00022.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3429"

}

},

"DIAGNOSIS": "Debian has released security update for cloud-init\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178497",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00025.html\" TARGET=\"_blank\">DLA 2601-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00025.html\" TARGET=\"_blank\">DLA 2601-1: Debian</A>",

"TITLE": "Debian Security Update for cloud-init (DLA 2601-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2601-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00025.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27135",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27135"

}

},

"DIAGNOSIS": "Debian has released security update for xterm\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178498",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00026.html\" TARGET=\"_blank\">DLA 2558-2</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00026.html\" TARGET=\"_blank\">DLA 2558-2: Debian</A>",

"TITLE": "Debian Security Update for xterm (DLA 2558-2)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2558-2",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00026.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-25681",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"

},

{

"ID": "CVE-2020-25682",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"

},

{

"ID": "CVE-2020-25683",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"

},

{

"ID": "CVE-2020-25684",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"

},

{

"ID": "CVE-2020-25687",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"

}

]

},

"DIAGNOSIS": "Debian has released security update for dnsmasq\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178499",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html\" TARGET=\"_blank\">DLA 2604-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html\" TARGET=\"_blank\">DLA 2604-1: Debian</A>",

"TITLE": "Debian Security Update for dnsmasq (DLA 2604-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2604-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "MariaDB 10.2 /MySQL - 'wsrep_provider' OS Command Execution - The Exploit-DB Ref : 49765",

"LINK": "http://www.exploit-db.com/exploits/49765",

"REF": "CVE-2021-27928"

}

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27928",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27928"

}

},

"DIAGNOSIS": "Debian has released security update for mariadb-10.1\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178500",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html\" TARGET=\"_blank\">DLA 2605-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html\" TARGET=\"_blank\">DLA 2605-1: Debian</A>",

"TITLE": "Debian Security Update for mariadb-10.1 (DLA 2605-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2605-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00028.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-11372",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11372"

},

{

"ID": "CVE-2019-11373",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11373"

},

{

"ID": "CVE-2020-15395",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15395"

},

{

"ID": "CVE-2020-26797",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26797"

}

]

},

"DIAGNOSIS": "Debian has released security update for libmediainfo\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178501",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00029.html\" TARGET=\"_blank\">DLA 2603-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00029.html\" TARGET=\"_blank\">DLA 2603-1: Debian</A>",

"TITLE": "Debian Security Update for libmediainfo (DLA 2603-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2603-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00029.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-25666",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25666"

},

{

"ID": "CVE-2020-25675",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25675"

},

{

"ID": "CVE-2020-25676",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25676"

},

{

"ID": "CVE-2020-27754",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27754"

},

{

"ID": "CVE-2020-27757",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27757"

},

{

"ID": "CVE-2020-27758",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27758"

},

{

"ID": "CVE-2020-27759",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27759"

},

{

"ID": "CVE-2020-27761",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27761"

},

{

"ID": "CVE-2020-27762",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27762"

},

{

"ID": "CVE-2020-27764",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27764"

},

{

"ID": "CVE-2020-27766",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27766"

},

{

"ID": "CVE-2020-27767",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27767"

},

{

"ID": "CVE-2020-27768",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27768"

},

{

"ID": "CVE-2020-27769",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27769"

},

{

"ID": "CVE-2020-27770",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27770"

},

{

"ID": "CVE-2020-27771",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27771"

},

{

"ID": "CVE-2020-27772",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27772"

},

{

"ID": "CVE-2020-27774",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27774"

},

{

"ID": "CVE-2020-27775",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27775"

},

{

"ID": "CVE-2021-20176",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20176"

},

{

"ID": "CVE-2021-20241",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20241"

},

{

"ID": "CVE-2021-20244",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20244"

},

{

"ID": "CVE-2021-20246",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20246"

}

]

},

"DIAGNOSIS": "Debian has released security update for imagemagick\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178502",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html\" TARGET=\"_blank\">DLA 2602-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html\" TARGET=\"_blank\">DLA 2602-1: Debian</A>",

"TITLE": "Debian Security Update for imagemagick (DLA 2602-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2602-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28957",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957"

}

},

"DIAGNOSIS": "Debian has released security update for lxml\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178503",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html\" TARGET=\"_blank\">DLA 2606-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html\" TARGET=\"_blank\">DLA 2606-1: Debian</A>",

"TITLE": "Debian Security Update for lxml (DLA 2606-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2606-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Debian has released security update for firefox-esr\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178504",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00032.html\" TARGET=\"_blank\">DLA 2607-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00032.html\" TARGET=\"_blank\">DLA 2607-1: Debian</A>",

"TITLE": "Debian Security Update for firefox-esr (DLA 2607-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2607-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00032.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": [

{

"DESC": "jQuery 1.2 - Cross-Site Scripting (XSS) - The Exploit-DB Ref : 49766",

"LINK": "http://www.exploit-db.com/exploits/49766",

"REF": "CVE-2020-11022"

},

{

"DESC": "jQuery 1.0.3 - Cross-Site Scripting (XSS) - The Exploit-DB Ref : 49767",

"LINK": "http://www.exploit-db.com/exploits/49767",

"REF": "CVE-2020-11023"

}

]

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-11022",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022"

},

{

"ID": "CVE-2020-11023",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023"

}

]

},

"DIAGNOSIS": "Debian has released security update for jquery\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:15Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:15Z",

"QID": "178505",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html\" TARGET=\"_blank\">DLA 2608-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html\" TARGET=\"_blank\">DLA 2608-1: Debian</A>",

"TITLE": "Debian Security Update for jquery (DLA 2608-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2608-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Debian has released security update for thunderbird\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178506",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00034.html\" TARGET=\"_blank\">DLA 2609-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00034.html\" TARGET=\"_blank\">DLA 2609-1: Debian</A>",

"TITLE": "Debian Security Update for thunderbird (DLA 2609-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2609-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00034.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2021-3348",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3348"

},

{

"ID": "CVE-2021-3428",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3428"

},

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2021-28038",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28038"

},

{

"ID": "CVE-2021-28660",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28660"

},

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2021-3348",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3348"

},

{

"ID": "CVE-2021-3428",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3428"

},

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2021-26932",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26932"

},

{

"ID": "CVE-2021-28038",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28038"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2021-28660",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28660"

}

]

},

"DIAGNOSIS": "Debian has released security update for linux-4.19\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178507",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html\" TARGET=\"_blank\">DLA 2610-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html\" TARGET=\"_blank\">DLA 2610-1: Debian</A>",

"TITLE": "Debian Security Update for linux-4.19 (DLA 2610-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2610-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27840",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840"

},

{

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

]

},

"DIAGNOSIS": "Debian has released security update for ldb\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178508",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html\" TARGET=\"_blank\">DLA 2611-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html\" TARGET=\"_blank\">DLA 2611-1: Debian</A>",

"TITLE": "Debian Security Update for ldb (DLA 2611-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2611-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-23358",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358"

}

},

"DIAGNOSIS": "Debian has released security update for underscore\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178509",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html\" TARGET=\"_blank\">DLA 2613-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html\" TARGET=\"_blank\">DLA 2613-1: Debian</A>",

"TITLE": "Debian Security Update for underscore (DLA 2613-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2613-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

},

"DIAGNOSIS": "Debian has released security update for spamassassin\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178510",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00000.html\" TARGET=\"_blank\">DLA 2615-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00000.html\" TARGET=\"_blank\">DLA 2615-1: Debian</A>",

"TITLE": "Debian Security Update for spamassassin (DLA 2615-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2615-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/04/msg00000.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21341",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21341"

},

{

"ID": "CVE-2021-21342",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21342"

},

{

"ID": "CVE-2021-21343",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21343"

},

{

"ID": "CVE-2021-21344",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21344"

},

{

"ID": "CVE-2021-21345",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21345"

},

{

"ID": "CVE-2021-21346",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21346"

},

{

"ID": "CVE-2021-21347",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21347"

},

{

"ID": "CVE-2021-21348",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21348"

},

{

"ID": "CVE-2021-21349",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21349"

},

{

"ID": "CVE-2021-21350",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21350"

},

{

"ID": "CVE-2021-21351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21351"

}

]

},

"DIAGNOSIS": "Debian has released security update for libxstream-java\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178511",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00002.html\" TARGET=\"_blank\">DLA 2616-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00002.html\" TARGET=\"_blank\">DLA 2616-1: Debian</A>",

"TITLE": "Debian Security Update for libxstream-java (DLA 2616-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2616-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/04/msg00002.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-15227",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15227"

}

},

"DIAGNOSIS": "Debian has released security update for php-nette\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178512",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00003.html\" TARGET=\"_blank\">DLA 2617-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00003.html\" TARGET=\"_blank\">DLA 2617-1: Debian</A>",

"TITLE": "Debian Security Update for php-nette (DLA 2617-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2617-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/04/msg00003.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2018-13982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13982"

},

{

"ID": "CVE-2021-26119",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26119"

},

{

"ID": "CVE-2021-26120",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26120"

},

{

"ID": "CVE-2018-13982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13982"

},

{

"ID": "CVE-2021-26119",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26119"

},

{

"ID": "CVE-2021-26120",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26120"

}

]

},

"DIAGNOSIS": "Debian has released security update for smarty3\n to fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "178513",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html\" TARGET=\"_blank\">DLA 2618-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html\" TARGET=\"_blank\">DLA 2618-1: Debian</A>",

"TITLE": "Debian Security Update for smarty3 (DLA 2618-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DLA 2618-1",

"URL": "https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Debian has released security update forthunderbird\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178514",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00057.html\" TARGET=\"_blank\">DSA 4876-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00057.html\" TARGET=\"_blank\">DSA 4876-1: Debian</A>",

"TITLE": "Debian Security Update for thunderbird (DSA 4876-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4876-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00057.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27918",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918"

},

{

"ID": "CVE-2020-29623",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29623"

},

{

"ID": "CVE-2021-1765",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1765"

},

{

"ID": "CVE-2021-1789",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1789"

},

{

"ID": "CVE-2021-1799",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1799"

},

{

"ID": "CVE-2021-1801",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1801"

},

{

"ID": "CVE-2021-1870",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1870"

},

{

"ID": "CVE-2020-27918",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918"

},

{

"ID": "CVE-2020-29623",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29623"

},

{

"ID": "CVE-2021-1765",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1765"

},

{

"ID": "CVE-2021-1789",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1789"

},

{

"ID": "CVE-2021-1799",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1799"

},

{

"ID": "CVE-2021-1801",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1801"

},

{

"ID": "CVE-2021-1870",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1870"

}

]

},

"DIAGNOSIS": "Debian has released security update forwebkit2gtk\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178515",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "debian"

},

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00058.html\" TARGET=\"_blank\">DSA 4877-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00058.html\" TARGET=\"_blank\">DSA 4877-1: Debian</A>",

"TITLE": "Debian Security Update for webkit2gtk (DSA 4877-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4877-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00058.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

},

"DIAGNOSIS": "Debian has released security update forspamassassin\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178516",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00060.html\" TARGET=\"_blank\">DSA 4879-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00060.html\" TARGET=\"_blank\">DSA 4879-1: Debian</A>",

"TITLE": "Debian Security Update for spamassassin (DSA 4879-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4879-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00060.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-6851",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"

},

{

"ID": "CVE-2020-8112",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"

},

{

"ID": "CVE-2020-15389",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"

},

{

"ID": "CVE-2020-27814",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"

},

{

"ID": "CVE-2020-27823",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"

},

{

"ID": "CVE-2020-27824",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"

},

{

"ID": "CVE-2020-27841",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"

},

{

"ID": "CVE-2020-27842",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"

},

{

"ID": "CVE-2020-27843",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"

},

{

"ID": "CVE-2020-27845",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"

}

]

},

"DIAGNOSIS": "Debian has released security update foropenjpeg2\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178518",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00063.html\" TARGET=\"_blank\">DSA 4882-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00063.html\" TARGET=\"_blank\">DSA 4882-1: Debian</A>",

"TITLE": "Debian Security Update for openjpeg2 (DSA 4882-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4882-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00063.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-23358",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358"

}

},

"DIAGNOSIS": "Debian has released security update forunderscore\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178519",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00064.html\" TARGET=\"_blank\">DSA 4883-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00064.html\" TARGET=\"_blank\">DSA 4883-1: Debian</A>",

"TITLE": "Debian Security Update for underscore (DSA 4883-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4883-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00064.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-25097",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097"

}

},

"DIAGNOSIS": "Debian has released security update forsquid\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178520",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00054.html\" TARGET=\"_blank\">DSA 4873-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00054.html\" TARGET=\"_blank\">DSA 4873-1: Debian</A>",

"TITLE": "Debian Security Update for squid (DSA 4873-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4873-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00054.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Debian has released security update forfirefox-esr\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178521",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00055.html\" TARGET=\"_blank\">DSA 4874-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00055.html\" TARGET=\"_blank\">DSA 4874-1: Debian</A>",

"TITLE": "Debian Security Update for firefox-esr (DSA 4874-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4874-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00055.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-8169",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"

},

{

"ID": "CVE-2020-8177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"

},

{

"ID": "CVE-2020-8231",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"

},

{

"ID": "CVE-2020-8284",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"

},

{

"ID": "CVE-2020-8285",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"

},

{

"ID": "CVE-2020-8286",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"

},

{

"ID": "CVE-2021-22876",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"

},

{

"ID": "CVE-2021-22890",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"

},

{

"ID": "CVE-2020-8169",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"

},

{

"ID": "CVE-2020-8177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"

},

{

"ID": "CVE-2020-8231",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"

},

{

"ID": "CVE-2020-8284",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"

},

{

"ID": "CVE-2020-8285",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"

},

{

"ID": "CVE-2020-8286",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"

},

{

"ID": "CVE-2021-22876",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"

},

{

"ID": "CVE-2021-22890",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"

}

]

},

"DIAGNOSIS": "Debian has released security update forcurl\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178522",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "curl",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00062.html\" TARGET=\"_blank\">DSA 4881-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00062.html\" TARGET=\"_blank\">DSA 4881-1: Debian</A>",

"TITLE": "Debian Security Update for curl (DSA 4881-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4881-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00062.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Debian has released security update forflatpak\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178523",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00049.html\" TARGET=\"_blank\">DSA 4868-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00049.html\" TARGET=\"_blank\">DSA 4868-1: Debian</A>",

"TITLE": "Debian Security Update for flatpak (DSA 4868-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4868-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00049.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-35523",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35523"

},

{

"ID": "CVE-2020-35524",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35524"

}

]

},

"DIAGNOSIS": "Debian has released security update fortiff\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178524",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00050.html\" TARGET=\"_blank\">DSA 4869-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00050.html\" TARGET=\"_blank\">DSA 4869-1: Debian</A>",

"TITLE": "Debian Security Update for tiff (DSA 4869-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4869-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00050.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-20444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20444"

},

{

"ID": "CVE-2019-20445",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20445"

},

{

"ID": "CVE-2020-7238",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7238"

},

{

"ID": "CVE-2020-11612",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11612"

},

{

"ID": "CVE-2021-21290",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290"

},

{

"ID": "CVE-2021-21295",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295"

},

{

"ID": "CVE-2021-21409",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409"

}

]

},

"DIAGNOSIS": "Debian has released security update fornetty\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178527",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00066.html\" TARGET=\"_blank\">DSA 4885-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00066.html\" TARGET=\"_blank\">DSA 4885-1: Debian</A>",

"TITLE": "Debian Security Update for netty (DSA 4885-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4885-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00066.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21159",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21159"

},

{

"ID": "CVE-2021-21160",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21160"

},

{

"ID": "CVE-2021-21161",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21161"

},

{

"ID": "CVE-2021-21162",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21162"

},

{

"ID": "CVE-2021-21163",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21163"

},

{

"ID": "CVE-2021-21165",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21165"

},

{

"ID": "CVE-2021-21166",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21166"

},

{

"ID": "CVE-2021-21167",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21167"

},

{

"ID": "CVE-2021-21168",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21168"

},

{

"ID": "CVE-2021-21169",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21169"

},

{

"ID": "CVE-2021-21170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21170"

},

{

"ID": "CVE-2021-21171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21171"

},

{

"ID": "CVE-2021-21172",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21172"

},

{

"ID": "CVE-2021-21173",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21173"

},

{

"ID": "CVE-2021-21174",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21174"

},

{

"ID": "CVE-2021-21175",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21175"

},

{

"ID": "CVE-2021-21176",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21176"

},

{

"ID": "CVE-2021-21177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21177"

},

{

"ID": "CVE-2021-21178",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21178"

},

{

"ID": "CVE-2021-21179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21179"

},

{

"ID": "CVE-2021-21180",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21180"

},

{

"ID": "CVE-2021-21181",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21181"

},

{

"ID": "CVE-2021-21182",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21182"

},

{

"ID": "CVE-2021-21183",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21183"

},

{

"ID": "CVE-2021-21184",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21184"

},

{

"ID": "CVE-2021-21185",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21185"

},

{

"ID": "CVE-2021-21186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21186"

},

{

"ID": "CVE-2021-21187",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21187"

},

{

"ID": "CVE-2021-21188",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21188"

},

{

"ID": "CVE-2021-21189",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21189"

},

{

"ID": "CVE-2021-21190",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21190"

},

{

"ID": "CVE-2021-21191",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21191"

},

{

"ID": "CVE-2021-21192",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21192"

},

{

"ID": "CVE-2021-21193",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21193"

},

{

"ID": "CVE-2021-21194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21194"

},

{

"ID": "CVE-2021-21195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21195"

},

{

"ID": "CVE-2021-21196",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21196"

},

{

"ID": "CVE-2021-21197",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21197"

},

{

"ID": "CVE-2021-21198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21198"

},

{

"ID": "CVE-2021-21199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21199"

},

{

"ID": "CVE-2021-21159",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21159"

},

{

"ID": "CVE-2021-21160",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21160"

},

{

"ID": "CVE-2021-21161",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21161"

},

{

"ID": "CVE-2021-21162",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21162"

},

{

"ID": "CVE-2021-21163",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21163"

},

{

"ID": "CVE-2021-21165",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21165"

},

{

"ID": "CVE-2021-21166",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21166"

},

{

"ID": "CVE-2021-21167",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21167"

},

{

"ID": "CVE-2021-21168",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21168"

},

{

"ID": "CVE-2021-21169",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21169"

},

{

"ID": "CVE-2021-21170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21170"

},

{

"ID": "CVE-2021-21171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21171"

},

{

"ID": "CVE-2021-21172",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21172"

},

{

"ID": "CVE-2021-21173",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21173"

},

{

"ID": "CVE-2021-21174",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21174"

},

{

"ID": "CVE-2021-21175",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21175"

},

{

"ID": "CVE-2021-21176",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21176"

},

{

"ID": "CVE-2021-21177",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21177"

},

{

"ID": "CVE-2021-21178",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21178"

},

{

"ID": "CVE-2021-21179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21179"

},

{

"ID": "CVE-2021-21180",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21180"

},

{

"ID": "CVE-2021-21181",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21181"

},

{

"ID": "CVE-2021-21182",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21182"

},

{

"ID": "CVE-2021-21183",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21183"

},

{

"ID": "CVE-2021-21184",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21184"

},

{

"ID": "CVE-2021-21185",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21185"

},

{

"ID": "CVE-2021-21186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21186"

},

{

"ID": "CVE-2021-21187",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21187"

},

{

"ID": "CVE-2021-21188",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21188"

},

{

"ID": "CVE-2021-21189",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21189"

},

{

"ID": "CVE-2021-21190",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21190"

},

{

"ID": "CVE-2021-21191",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21191"

},

{

"ID": "CVE-2021-21192",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21192"

},

{

"ID": "CVE-2021-21193",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21193"

},

{

"ID": "CVE-2021-21194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21194"

},

{

"ID": "CVE-2021-21195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21195"

},

{

"ID": "CVE-2021-21196",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21196"

},

{

"ID": "CVE-2021-21197",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21197"

},

{

"ID": "CVE-2021-21198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21198"

},

{

"ID": "CVE-2021-21199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21199"

}

]

},

"DIAGNOSIS": "Debian has released security update forchromium\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178528",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00067.html\" TARGET=\"_blank\">DSA 4886-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00067.html\" TARGET=\"_blank\">DSA 4886-1: Debian</A>",

"TITLE": "Debian Security Update for chromium (DSA 4886-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4886-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00067.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21772",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21772"

}

},

"DIAGNOSIS": "Debian has released security update forlib3mf\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178529",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00068.html\" TARGET=\"_blank\">DSA 4887-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00068.html\" TARGET=\"_blank\">DSA 4887-1: Debian</A>",

"TITLE": "Debian Security Update for lib3mf (DSA 4887-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4887-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00068.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26933",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26933"

},

{

"ID": "CVE-2021-27379",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27379"

}

]

},

"DIAGNOSIS": "Debian has released security update forxen\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:39Z",

"QID": "178530",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00069.html\" TARGET=\"_blank\">DSA 4888-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00069.html\" TARGET=\"_blank\">DSA 4888-1: Debian</A>",

"TITLE": "Debian Security Update for xen (DSA 4888-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4888-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00069.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-20270",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270"

},

{

"ID": "CVE-2021-27291",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"

},

{

"ID": "CVE-2021-30152",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30152"

},

{

"ID": "CVE-2021-30159",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30159"

},

{

"ID": "CVE-2021-30154",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30154"

},

{

"ID": "CVE-2021-30155",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30155"

},

{

"ID": "CVE-2021-30157",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30157"

},

{

"ID": "CVE-2021-30158",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30158"

}

]

},

"DIAGNOSIS": "Debian has released security update formediawiki\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "178531",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00070.html\" TARGET=\"_blank\">DSA 4889-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00070.html\" TARGET=\"_blank\">DSA 4889-1: Debian</A>",

"TITLE": "Debian Security Update for mediawiki (DSA 4889-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4889-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00070.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28834",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28834"

}

},

"DIAGNOSIS": "Debian has released security update forruby-kramdown\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "178532",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00071.html\" TARGET=\"_blank\">DSA 4890-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00071.html\" TARGET=\"_blank\">DSA 4890-1: Debian</A>",

"TITLE": "Debian Security Update for ruby-kramdown (DSA 4890-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4890-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00071.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

},

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

}

]

},

"DIAGNOSIS": "Debian has released security update fortomcat9\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "178533",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "debian_linux",

"VENDOR": "debian"

},

{

"PRODUCT": "None",

"VENDOR": "debian"

}

]

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00072.html\" TARGET=\"_blank\">DSA 4891-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00072.html\" TARGET=\"_blank\">DSA 4891-1: Debian</A>",

"TITLE": "Debian Security Update for tomcat9 (DSA 4891-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4891-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00072.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Debian",

"CONSEQUENCE": "Successful exploitation allows attacker to compromise the system.",

"DIAGNOSIS": "Debian has released security update forshibboleth-sp\nto fix the vulnerabilities.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "178534",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "shibboleth-sp",

"VENDOR": "debian"

}

},

"SOLUTION": "Refer to Debian security advisory <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00053.html\" TARGET=\"_blank\">DSA 4872-1</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.debian.org/debian-security-announce/2021/msg00053.html\" TARGET=\"_blank\">DSA 4872-1: Debian</A>",

"TITLE": "Debian Security Update for shibboleth-sp (DSA 4872-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "DSA 4872-1",

"URL": "https://lists.debian.org/debian-security-announce/2021/msg00053.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "It can cause confidentiality issues.",

"DIAGNOSIS": "<P> The ca-certificates package contained outdated CA certificates.\n<P> This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198248",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ca-certificates",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-February/005874.html\" TARGET=\"_blank\">USN-4719-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/ca-certificates/20210119~18.04.1\" TARGET=\"_blank\">USN-4719-1: 18.04 (bionic) on src (ca-certificates)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/ca-certificates/20210119~20.10.1\" TARGET=\"_blank\">USN-4719-1: 20.10 (groovy) on src (ca-certificates)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/ca-certificates/20210119~20.04.1\" TARGET=\"_blank\">USN-4719-1: 20.04 (focal) on src (ca-certificates)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/ca-certificates/20210119~16.04.1\" TARGET=\"_blank\">USN-4719-1: 16.04 (Xenial) on src (ca-certificates)</A>",

"TITLE": "Ubuntu Security Notification for Ca-certificates Update (USN-4719-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4719-1",

"URL": "https://usn.ubuntu.com/4719-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2021-3444)<P> A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)<P> A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171)<P> A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170)<P> A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363)<P> A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2021-3444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3444"

}

]

},

"DIAGNOSIS": "<P> It was discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0.\n<P> It was discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel.\n<P> It was discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations.\n<P> It was discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types.\n<P> It was discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles.\n<P> It was discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "198307",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005943.html\" TARGET=\"_blank\">USN-4887-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1041-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1012-gkeop)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-gke-5.4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.6.0-1052-oem)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.3.0-1038-raspi2)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1026-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1040-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1026-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-gkeop-5.4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1040-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-gkeop-5.3)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-generic-64k-hwe-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-48-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-oem-osp1)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1032-raspi)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.3.0-72-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.3.0-72-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-raspi2)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-oem)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-generic-64k)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-70-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-raspi-nolpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-raspi)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-70-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1041-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1022-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1043-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-raspi)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-raspi2-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1012-gkeop)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1024-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-70-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-48-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-oem)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-48-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-generic-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-generic-lpae-hwe-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.10.0-1019-oem)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-70-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1036-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.3.0-1041-gke)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-raspi-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.8.0-48-generic-64k)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1039-gke)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-oem-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.8.0-48-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-gkeop-5.4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-gkeop)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1041-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-oem-osp1)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1019-raspi-nolpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-generic-hwe-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-gke-5.3)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-virtual)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-generic-lpae-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-70-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-snapdragon-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.8.0-48-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1032-raspi)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-oem-20.04b)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-70-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-gke)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-48-generic-64k)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.8.0-48-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-virtual)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-lowlatency-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-virtual-hwe-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-5.4.0-1041-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1019-raspi)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-lowlatency-hwe-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-oem-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54\" TARGET=\"_blank\">USN-4887-1: 20.10 (groovy) on src (linux-image-5.8.0-1027-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29\" TARGET=\"_blank\">USN-4887-1: 20.04 (focal) on src (linux-image-virtual-hwe-20.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28\" TARGET=\"_blank\">USN-4887-1: 18.04 (bionic) on src (linux-image-5.4.0-1043-azure)</A>",

"TITLE": "Ubuntu Security Notification for Linux, Linux-aws, Linux-aws-5.4, Linux-azure, Linux-azure-5.4, Linux-gcp, (USN-4887-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4887-1",

"URL": "https://usn.ubuntu.com/4887-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171)<P> A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27170",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170"

},

{

"ID": "CVE-2020-27171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27171"

}

]

},

"DIAGNOSIS": "<P> It was discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations.\n<P> It was discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "198309",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005946.html\" TARGET=\"_blank\">USN-4890-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-aws-hwe)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-generic-lpae-hwe-16.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-powerpc64-emb)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-140-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1099-snapdragon)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-powerpc-e500mc)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-oracle-lts-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1097-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-1111-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-140-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-virtual)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1111-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-140-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-1097-aws)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-virtual-hwe-16.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-gcp-lts-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-140-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-azure-lts-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-snapdragon)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-1068-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-140-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-powerpc64-smp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-azure)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-140-generic-lpae)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1088-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-generic)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-4.15.0-1096-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1096-gcp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-aws-lts-18.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1068-oracle)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-generic-hwe-16.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-lowlatency-hwe-16.04)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-kvm)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-dell300x)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-oem)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-4.15.0-1015-dell300x)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-powerpc-smp)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux/4.15.0-140.144\" TARGET=\"_blank\">USN-4890-1: 18.04 (bionic) on src (linux-image-lowlatency)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1097.104\" TARGET=\"_blank\">USN-4890-1: 16.04 (Xenial) on src (linux-image-gke)</A>",

"TITLE": "Ubuntu Security Notification for Linux, Linux-aws, Linux-aws-hwe, Linux-azure, Linux-azure-4.15, (USN-4890-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4890-1",

"URL": "https://usn.ubuntu.com/4890-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23987, CVE-2021-23988)<P> If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spook a website and trick the user into providing credentials. (CVE-2021-23984)<P> If a local attacker could modify the browser configuration, a remote attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23985)<P> If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information. (CVE-2021-23986)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23983",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23983"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23985",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23985"

},

{

"ID": "CVE-2021-23986",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23986"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

},

{

"ID": "CVE-2021-23988",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23988"

}

]

},

"DIAGNOSIS": "<P> Multiple security issues were discovered in Firefox.\n<P> It was discovered that extensions could open popup windows with control of the window title in some circumstances.\n<P> It was discovered that the DevTools remote debugging feature could be enabled without an indication to the user.\n<P> It was discovered that extensions could read the response of cross origin requests in some circumstances.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198311",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005950.html\" TARGET=\"_blank\">USN-4893-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/firefox/87.0+build3-0ubuntu0.18.04.2\" TARGET=\"_blank\">USN-4893-1: 18.04 (bionic) on src (firefox)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/firefox/87.0+build3-0ubuntu0.20.10.1\" TARGET=\"_blank\">USN-4893-1: 20.10 (groovy) on src (firefox)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/firefox/87.0+build3-0ubuntu0.20.04.2\" TARGET=\"_blank\">USN-4893-1: 20.04 (focal) on src (firefox)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/firefox/87.0+build3-0ubuntu0.16.04.2\" TARGET=\"_blank\">USN-4893-1: 16.04 (Xenial) on src (firefox)</A>",

"TITLE": "Ubuntu Security Notification for Firefox Vulnerabilities (USN-4893-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4893-1",

"URL": "https://usn.ubuntu.com/4893-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-27918",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918"

},

{

"ID": "CVE-2020-29623",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29623"

},

{

"ID": "CVE-2021-1765",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1765"

},

{

"ID": "CVE-2021-1789",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1789"

},

{

"ID": "CVE-2021-1799",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1799"

},

{

"ID": "CVE-2021-1801",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1801"

},

{

"ID": "CVE-2021-1870",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1870"

}

]

},

"DIAGNOSIS": "<P> A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198312",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005951.html\" TARGET=\"_blank\">USN-4894-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.20.04.1\" TARGET=\"_blank\">USN-4894-1: 20.04 (focal) on src (libjavascriptcoregtk-4.0-18)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.18.04.1\" TARGET=\"_blank\">USN-4894-1: 18.04 (bionic) on src (libwebkit2gtk-4.0-37)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.20.10.1\" TARGET=\"_blank\">USN-4894-1: 20.10 (groovy) on src (libjavascriptcoregtk-4.0-18)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.20.10.1\" TARGET=\"_blank\">USN-4894-1: 20.10 (groovy) on src (libwebkit2gtk-4.0-37)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.20.04.1\" TARGET=\"_blank\">USN-4894-1: 20.04 (focal) on src (libwebkit2gtk-4.0-37)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/webkit2gtk/2.30.6-0ubuntu0.18.04.1\" TARGET=\"_blank\">USN-4894-1: 18.04 (bionic) on src (libjavascriptcoregtk-4.0-18)</A>",

"TITLE": "Ubuntu Security Notification for Webkit2gtk Vulnerabilities (USN-4894-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4894-1",

"URL": "https://usn.ubuntu.com/4894-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049)<P> A remote attacker could use this issue to perform HTTP Request Smuggling and possibly access services forbidden by the security controls. (CVE-2020-25097)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-15049",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15049"

},

{

"ID": "CVE-2020-25097",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097"

}

]

},

"DIAGNOSIS": "<P> It was discovered that Squid incorrectly handled certain Content-Length headers.\n<P> It was discovered that Squid incorrectly validated certain input.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198313",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005952.html\" TARGET=\"_blank\">USN-4895-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/squid3/3.5.27-1ubuntu1.10\" TARGET=\"_blank\">USN-4895-1: 18.04 (bionic) on src (squid)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/squid/4.13-1ubuntu2.1\" TARGET=\"_blank\">USN-4895-1: 20.10 (groovy) on src (squid)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/squid/4.10-1ubuntu1.3\" TARGET=\"_blank\">USN-4895-1: 20.04 (focal) on src (squid)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/squid3/3.5.12-1ubuntu7.16\" TARGET=\"_blank\">USN-4895-1: 16.04 (Xenial) on src (squid)</A>",

"TITLE": "Ubuntu Security Notification for Squid, Squid3 Vulnerabilities (USN-4895-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4895-1",

"URL": "https://usn.ubuntu.com/4895-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A remote attacker could possibly use this issue to perform cross-site scripting (XSS) attacks.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28957",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957"

}

},

"DIAGNOSIS": "<P> It was discovered that lxml incorrectly handled certain HTML attributes.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198314",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005954.html\" TARGET=\"_blank\">USN-4896-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/4.5.0-1ubuntu0.3\" TARGET=\"_blank\">USN-4896-1: 20.04 (focal) on src (python3-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/3.5.0-1ubuntu0.4\" TARGET=\"_blank\">USN-4896-1: 16.04 (Xenial) on src (python-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/4.5.0-1ubuntu0.3\" TARGET=\"_blank\">USN-4896-1: 20.04 (focal) on src (python-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/4.5.2-1ubuntu0.4\" TARGET=\"_blank\">USN-4896-1: 20.10 (groovy) on src (python3-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/3.5.0-1ubuntu0.4\" TARGET=\"_blank\">USN-4896-1: 16.04 (Xenial) on src (python3-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/4.2.1-1ubuntu0.4\" TARGET=\"_blank\">USN-4896-1: 18.04 (bionic) on src (python-lxml)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/lxml/4.2.1-1ubuntu0.4\" TARGET=\"_blank\">USN-4896-1: 18.04 (bionic) on src (python3-lxml)</A>",

"TITLE": "Ubuntu Security Notification for Lxml Vulnerability (USN-4896-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4896-1",

"URL": "https://usn.ubuntu.com/4896-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27291",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291"

}

},

"DIAGNOSIS": "<P> It was discovered that Pygments incorrectly handled parsing certain files.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198315",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005953.html\" TARGET=\"_blank\">USN-4897-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.3.1+dfsg-1ubuntu2.2\" TARGET=\"_blank\">USN-4897-1: 20.04 (focal) on src (python3-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.1+dfsg-1ubuntu0.2\" TARGET=\"_blank\">USN-4897-1: 16.04 (Xenial) on src (python-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.3.1+dfsg-1ubuntu2.2\" TARGET=\"_blank\">USN-4897-1: 20.04 (focal) on src (python-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.3.1+dfsg-4ubuntu0.2\" TARGET=\"_blank\">USN-4897-1: 20.10 (groovy) on src (python3-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.1+dfsg-1ubuntu0.2\" TARGET=\"_blank\">USN-4897-1: 16.04 (Xenial) on src (python3-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.2.0+dfsg-1ubuntu0.2\" TARGET=\"_blank\">USN-4897-1: 18.04 (bionic) on src (python-pygments)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/pygments/2.2.0+dfsg-1ubuntu0.2\" TARGET=\"_blank\">USN-4897-1: 18.04 (bionic) on src (python3-pygments)</A>",

"TITLE": "Ubuntu Security Notification for Pygments Vulnerability (USN-4897-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4897-1",

"URL": "https://usn.ubuntu.com/4897-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-22876)<P> A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-22890)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-22876",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"

},

{

"ID": "CVE-2021-22890",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"

}

]

},

"DIAGNOSIS": "<P> It was discovered that curl did not strip off user credentials from referrer header fields.\n<P> It was discovered that curl incorrectly handled session tickets when using an HTTPS proxy.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198316",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-March/005955.html\" TARGET=\"_blank\">USN-4898-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.5\" TARGET=\"_blank\">USN-4898-1: 20.04 (focal) on src (libcurl3-gnutls)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.5\" TARGET=\"_blank\">USN-4898-1: 20.04 (focal) on src (curl)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.13\" TARGET=\"_blank\">USN-4898-1: 18.04 (bionic) on src (libcurl3-nss)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.13\" TARGET=\"_blank\">USN-4898-1: 18.04 (bionic) on src (libcurl4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu4.3\" TARGET=\"_blank\">USN-4898-1: 20.10 (groovy) on src (libcurl3-nss)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.5\" TARGET=\"_blank\">USN-4898-1: 20.04 (focal) on src (libcurl3-nss)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu4.3\" TARGET=\"_blank\">USN-4898-1: 20.10 (groovy) on src (libcurl3-gnutls)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu4.3\" TARGET=\"_blank\">USN-4898-1: 20.10 (groovy) on src (curl)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.19\" TARGET=\"_blank\">USN-4898-1: 16.04 (Xenial) on src (libcurl3)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.13\" TARGET=\"_blank\">USN-4898-1: 18.04 (bionic) on src (curl)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.19\" TARGET=\"_blank\">USN-4898-1: 16.04 (Xenial) on src (libcurl3-nss)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.19\" TARGET=\"_blank\">USN-4898-1: 16.04 (Xenial) on src (curl)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.5\" TARGET=\"_blank\">USN-4898-1: 20.04 (focal) on src (libcurl4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu4.3\" TARGET=\"_blank\">USN-4898-1: 20.10 (groovy) on src (libcurl4)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.13\" TARGET=\"_blank\">USN-4898-1: 18.04 (bionic) on src (libcurl3-gnutls)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.19\" TARGET=\"_blank\">USN-4898-1: 16.04 (Xenial) on src (libcurl3-gnutls)</A>",

"TITLE": "Ubuntu Security Notification for Curl Vulnerabilities (USN-4898-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4898-1",

"URL": "https://usn.ubuntu.com/4898-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1946",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946"

}

},

"DIAGNOSIS": "<P> It was discovered that SpamAssassin incorrectly handled certain CF files.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198317",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "ubuntu"

},

{

"PRODUCT": "spamassassin",

"VENDOR": "ubuntu"

}

]

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-April/005956.html\" TARGET=\"_blank\">USN-4899-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/spamassassin/3.4.2-0ubuntu0.16.04.5\" TARGET=\"_blank\">USN-4899-1: 16.04 (Xenial) on src (spamassassin)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/spamassassin/3.4.4-1ubuntu1.1\" TARGET=\"_blank\">USN-4899-1: 20.04 (focal) on src (spamassassin)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/spamassassin/3.4.2-0ubuntu0.18.04.5\" TARGET=\"_blank\">USN-4899-1: 18.04 (bionic) on src (spamassassin)</A>",

"TITLE": "Ubuntu Security Notification for Spamassassin Vulnerability (USN-4899-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4899-1",

"URL": "https://usn.ubuntu.com/4899-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3474",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3474"

},

{

"ID": "CVE-2021-3475",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3475"

},

{

"ID": "CVE-2021-3476",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3476"

},

{

"ID": "CVE-2021-3477",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3477"

},

{

"ID": "CVE-2021-3478",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3478"

},

{

"ID": "CVE-2021-3479",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3479"

}

]

},

"DIAGNOSIS": "<P> It was discovered that OpenEXR incorrectly handled certain malformed EXR image files.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "198318",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "ubuntu"

},

{

"PRODUCT": "openexr",

"VENDOR": "ubuntu"

}

]

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-April/005957.html\" TARGET=\"_blank\">USN-4900-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.3.0-6ubuntu0.5\" TARGET=\"_blank\">USN-4900-1: 20.04 (focal) on src (libopenexr24)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.2.0-11.1ubuntu1.6\" TARGET=\"_blank\">USN-4900-1: 18.04 (bionic) on src (openexr)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.5.3-2ubuntu0.2\" TARGET=\"_blank\">USN-4900-1: 20.10 (groovy) on src (openexr)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.5.3-2ubuntu0.2\" TARGET=\"_blank\">USN-4900-1: 20.10 (groovy) on src (libopenexr25)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.6\" TARGET=\"_blank\">USN-4900-1: 16.04 (Xenial) on src (libopenexr22)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.6\" TARGET=\"_blank\">USN-4900-1: 16.04 (Xenial) on src (openexr)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.3.0-6ubuntu0.5\" TARGET=\"_blank\">USN-4900-1: 20.04 (focal) on src (openexr)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/openexr/2.2.0-11.1ubuntu1.6\" TARGET=\"_blank\">USN-4900-1: 18.04 (bionic) on src (libopenexr22)</A>",

"TITLE": "Ubuntu Security Notification for Openexr Vulnerabilities (USN-4900-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4900-1",

"URL": "https://usn.ubuntu.com/4900-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8161)<P> An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184)<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-8161",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8161"

},

{

"ID": "CVE-2020-8184",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8184"

}

]

},

"DIAGNOSIS": "<P> USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10.\n<P> Original advisory details:\n<P> It was discovered that Rack incorrectly handled certain paths.\n<P> It was discovered that Rack incorrectly validated cookies.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "198319",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ruby-rack",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-April/005958.html\" TARGET=\"_blank\">USN-4561-2</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/ruby-rack/1.6.4-3ubuntu0.2\" TARGET=\"_blank\">USN-4561-2: 16.04 (Xenial) on src (ruby-rack)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/ruby-rack/2.1.1-5ubuntu0.1\" TARGET=\"_blank\">USN-4561-2: 20.10 (groovy) on src (ruby-rack)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/ruby-rack/2.0.7-2ubuntu0.1\" TARGET=\"_blank\">USN-4561-2: 20.04 (focal) on src (ruby-rack)</A>",

"TITLE": "Ubuntu Security Notification for Ruby-rack Vulnerabilities (USN-4561-2)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4561-2",

"URL": "https://usn.ubuntu.com/4561-2/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "<P> A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28658",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658"

}

},

"DIAGNOSIS": "<P> It was discovered that Django incorrectly handled certain filenames.\n<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "198320",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "python-django",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory <A HREF=\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2021-April/005959.html\" TARGET=\"_blank\">USN-4902-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.12\" TARGET=\"_blank\">USN-4902-1: 18.04 (bionic) on src (python-django)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.15\" TARGET=\"_blank\">USN-4902-1: 16.04 (Xenial) on src (python3-django)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/2:2.2.16-1ubuntu0.3\" TARGET=\"_blank\">USN-4902-1: 20.10 (groovy) on src (python3-django)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.5\" TARGET=\"_blank\">USN-4902-1: 20.04 (focal) on src (python3-django)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.12\" TARGET=\"_blank\">USN-4902-1: 18.04 (bionic) on src (python3-django)</A><P> <A HREF=\"https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.15\" TARGET=\"_blank\">USN-4902-1: 16.04 (Xenial) on src (python-django)</A>",

"TITLE": "Ubuntu Security Notification for Python-django Vulnerability (USN-4902-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4902-1",

"URL": "https://usn.ubuntu.com/4902-1/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "A remote attacker could use this issue to cause Nettle to crash, resulting\nin a denial of service, or possibly force invalid signatures<br/><br/>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305"

}

},

"DIAGNOSIS": "Nettle incorrectly handled signature verification<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-26T12:32:51Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "198322",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "nettle",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory: <A HREF=\"https://usn.ubuntu.com/4906-1\" TARGET=\"_blank\">USN-4906-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://usn.ubuntu.com/4906-1\" TARGET=\"_blank\">USN-4906-1: Ubuntu Linux</A>",

"TITLE": "Ubuntu Security Notification for Nettle vulnerability (USN-4906-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4906-1",

"URL": "https://usn.ubuntu.com/4906-1"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "A\nlocal attacker could use this to cause a denial of service (CVE-2015-1350)<br/> A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code\n(CVE-2017-16644)<br/> A\nlocal attacker could use this to expose sensitive information\n(CVE-2017-5967)<br/> An\nattacker could use this to construct a malicious xfs image that, when\nmounted, could cause a denial of service (system crash) (CVE-2018-13095)<br/> A local attacker could use this to cause a denial\nof service (CVE-2019-16231)<br/> A local attacker could possibly use\nthis to cause a denial of service (CVE-2019-16232)<br/> A local\nattacker could use this to cause a denial of service (memory exhaustion)\n(CVE-2019-19061)<br/> An attacker with access to the floppy device could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code (CVE-2021-20261)<br/> An\nattacker in a guest VM could possibly use this to cause a denial of service\n(host domain crash) (CVE-2021-26930)<br/> An\nattacker in a guest VM could possibly use this to cause a denial of service\n(host domain crash) (CVE-2021-26931)<br/> An\nattacker in a guest VM could possibly use this to cause a denial of service\n(host domain crash) (CVE-2021-28038)",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2017-16644",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16644"

},

{

"ID": "CVE-2019-16231",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16231"

},

{

"ID": "CVE-2021-26930",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26930"

},

{

"ID": "CVE-2021-28038",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28038"

},

{

"ID": "CVE-2019-19061",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19061"

},

{

"ID": "CVE-2021-26931",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26931"

},

{

"ID": "CVE-2017-5967",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5967"

},

{

"ID": "CVE-2015-1350",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1350"

},

{

"ID": "CVE-2019-16232",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16232"

},

{

"ID": "CVE-2021-20261",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20261"

},

{

"ID": "CVE-2018-13095",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13095"

}

]

},

"DIAGNOSIS": "The linux kernel would strip extended privilege \nattributes of files when performing a failed unprivileged system call<br/>The video4linux driver for hauppauge hd \npvr usb devices in the linux kernel did not properly handle some error \nconditions<br/>The timer stats implementation in the linux kernel \nallowed the discovery of a real pid value while inside a pid namespace<br/>The xfs file system implementation in the linux \nkernel did not properly validate the number of extents in an inode<br/>The fujitsu es network device driver for the linux \nkernel did not properly check for errors in some situations, leading to a \nnull pointer dereference<br/>The marvell 8xxx libertas wlan device driver in the \nlinux kernel did not properly check for errors in certain situations, \nleading to a null pointer dereference<br/>The adis16400 iio imu driver for the linux kernel \ndid not properly deallocate memory in certain error conditions<br/>A race condition existed in the floppy device driver \nin the linux kernel<br/>The xen paravirtualization bckend in the linux kernel did \nnot properly propagate errors to frontend drivers in some situations<br/>Multiple xen backends in the linux kernel did \nnot properly handle certain error conditions under paravirtualization<br/>The xen netback backend in the linux kernel did \nnot properly handle certain error conditions under paravirtualization<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-26T12:32:51Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "198323",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "linux",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory: <A HREF=\"https://usn.ubuntu.com/4904-1\" TARGET=\"_blank\">USN-4904-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://usn.ubuntu.com/4904-1\" TARGET=\"_blank\">USN-4904-1: Ubuntu Linux</A>",

"TITLE": "Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4904-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4904-1",

"URL": "https://usn.ubuntu.com/4904-1"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "A local attacker could\nuse this to cause a denial of service (system crash) (CVE-2020-25639)<br/> An\nattacker in a guest VM could possibly use this to cause a denial of service\n(host domain crash) (CVE-2021-28038)<br/> A local\nattacker could possibly use this to gain elevated privileges\n(CVE-2021-28375)<br/> A\nlocal attacker could possibly use this to cause a denial of service\n(CVE-2021-28950)<br/>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-25639",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25639"

},

{

"ID": "CVE-2021-28375",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28375"

},

{

"ID": "CVE-2021-28950",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28950"

},

{

"ID": "CVE-2021-28038",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28038"

}

]

},

"DIAGNOSIS": "The nouveau gpu driver in the linux kernel did not \nproperly handle error conditions in some situations<br/>The xen netback backend in the linux kernel did \nnot properly handle certain error conditions under paravirtualization<br/>The fastrpc driver in the linux kernel did not \nprevent user space applications from sending kernel rpc messages<br/>The fuse user space file system implementation in \nthe linux kernel did not properly handle bad inodes in some situations<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-26T12:32:51Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "198327",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "linux",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory: <A HREF=\"https://usn.ubuntu.com/4911-1\" TARGET=\"_blank\">USN-4911-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://usn.ubuntu.com/4911-1\" TARGET=\"_blank\">USN-4911-1: Ubuntu Linux</A>",

"TITLE": "Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-4911-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4911-1",

"URL": "https://usn.ubuntu.com/4911-1"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Ubuntu",

"CONSEQUENCE": "A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code (CVE-2021-29154)<br/> A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code (CVE-2020-0423)<br/> A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code (CVE-2020-0465)<br/> A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code (CVE-2020-0466)<br/> An attacker\nwith access to the perf subsystem could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code (CVE-2020-14351)<br/> A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code (CVE-2020-14390)<br/> A privileged attacker could use this to\ncause a denial of service (system crash) (CVE-2020-25285)<br/> An attacker could use this to expose sensitive information\n(unencrypted network traffic) (CVE-2020-25645)<br/> A local attacker could use this to cause a denial of service\n(system crash) (CVE-2020-27830)<br/> A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code (CVE-2020-36158)<br/> A local\nattacker could possibly use this to cause a denial of service (system\ncrash) (CVE-2021-20194)<br/> A privileged\nattacker could use this to cause a denial of service (system crash) or\npossibly expose sensitive information (CVE-2021-3411)<br/> An attacker could possibly use this to bypass NFS access\nrestrictions (CVE-2021-3178)",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3178",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3178"

},

{

"ID": "CVE-2020-27830",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27830"

},

{

"ID": "CVE-2020-25285",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25285"

},

{

"ID": "CVE-2021-3411",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3411"

},

{

"ID": "CVE-2020-0423",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0423"

},

{

"ID": "CVE-2020-14390",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14390"

},

{

"ID": "CVE-2020-25645",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25645"

},

{

"ID": "CVE-2021-20194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20194"

},

{

"ID": "CVE-2020-36158",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36158"

},

{

"ID": "CVE-2020-0465",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0465"

},

{

"ID": "CVE-2020-0466",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0466"

},

{

"ID": "CVE-2020-25669",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25669"

},

{

"ID": "CVE-2021-29154",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29154"

},

{

"ID": "CVE-2020-14351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14351"

}

]

},

"DIAGNOSIS": "The bpf jit compiler for x86 in the linux \nkernel did not properly validate computation of branch displacements in \nsome situations<br/>A race condition existed in the binder ipc \nimplementation in the linux kernel, leading to a use-after-free \nvulnerability<br/>The hid multitouch implementation within the linux \nkernel did not properly validate input events in some situations<br/>The eventpoll (aka epoll) implementation in the \nlinux kernel contained a logic error that could lead to a use after free \nvulnerability<br/>A race condition existed in the perf subsystem of \nthe linux kernel, leading to a use-after-free vulnerability<br/>The frame buffer implementation in the linux kernel \ndid not properly handle some edge cases in software scrollback<br/>A race condition existed in the hugetlb sysctl \nimplementation in the linux kernel<br/>The geneve tunnel implementation in the linux kernel \nwhen combined with ipsec did not properly select ip routes in some \nsituations<br/>Speakup screen reader driver in \nthe linux kernel did not correctly handle setting line discipline in some \nsituations<br/>The marvell wifi-ex device driver in the linux \nkernel did not properly validate ad-hoc ssids<br/>The bpf implementation in the linux kernel did \nnot properly validate attributes in the getsockopt bpf hook<br/>The kprobes subsystem in the linux kernel did \nnot properly detect linker padding in some situations<br/>The nfs implementation in the linux kernel did not \nproperly prevent access outside of an nfs export that is a subdirectory of \na file system<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-26T12:32:51Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "198328",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "linux",

"VENDOR": "ubuntu"

}

},

"SOLUTION": "Refer to Ubuntu advisory: <A HREF=\"https://usn.ubuntu.com/4912-1\" TARGET=\"_blank\">USN-4912-1</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://usn.ubuntu.com/4912-1\" TARGET=\"_blank\">USN-4912-1: Ubuntu Linux</A>",

"TITLE": "Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-4912-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "USN-4912-1",

"URL": "https://usn.ubuntu.com/4912-1"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "MariaDB 10.2 /MySQL - 'wsrep_provider' OS Command Execution - The Exploit-DB Ref : 49765",

"LINK": "http://www.exploit-db.com/exploits/49765",

"REF": "CVE-2021-27928"

}

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27928",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27928"

}

},

"DIAGNOSIS": "MariaDB is a community developed branch of MySQL.MariaDB is a multi-user, multi-threaded SQL database server.<P>Security Fix(es): writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928)<P>Affected Products: <br/><br/>Red Hat OpenStack 13 x86_64<br/>Red Hat OpenStack for IBM Power 13 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "239178",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1039\" TARGET=\"_blank\">RHSA-2021:1039</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1039?language=en\" TARGET=\"_blank\">RHSA-2021:1039: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for mariadb (RHSA-2021:1039)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1039",

"URL": "https://access.redhat.com/errata/RHSA-2021:1039?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-10543",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10543"

},

{

"ID": "CVE-2020-10878",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10878"

},

{

"ID": "CVE-2020-12723",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12723"

}

]

},

"DIAGNOSIS": "Perl is a high-level programming language that is commonly used for system administration utilities and web programming.<P>Security Fix(es): perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543)\n perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878)\n perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk()<br/>calls leads to DoS (CVE-2020-12723)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:29Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:29Z",

"QID": "239179",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1032\" TARGET=\"_blank\">RHSA-2021:1032</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1032?language=en\" TARGET=\"_blank\">RHSA-2021:1032: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for perl (RHSA-2021:1032)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1032",

"URL": "https://access.redhat.com/errata/RHSA-2021:1032?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-29661",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29661"

}

},

"DIAGNOSIS": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.<P>Security Fix(es): kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239180",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1031\" TARGET=\"_blank\">RHSA-2021:1031</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1031?language=en\" TARGET=\"_blank\">RHSA-2021:1031: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kpatch-patch (RHSA-2021:1031)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1031",

"URL": "https://access.redhat.com/errata/RHSA-2021:1031?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-17563",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563"

},

{

"ID": "CVE-2020-1935",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935"

}

]

},

"DIAGNOSIS": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP)<br/>technologies.<P>Security Fix(es): tomcat: Session fixation when using FORM authentication (CVE-2019-17563)\n tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling (CVE-2020-1935)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239181",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1030\" TARGET=\"_blank\">RHSA-2021:1030</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1030?language=en\" TARGET=\"_blank\">RHSA-2021:1030: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for tomcat (RHSA-2021:1030)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1030",

"URL": "https://access.redhat.com/errata/RHSA-2021:1030?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-14351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14351"

},

{

"ID": "CVE-2020-29661",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29661"

}

]

},

"DIAGNOSIS": "The kernel packages contain the Linux kernel, the core of any Linux operating system.<P>Security Fix(es): kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661)\n kernel: performance counters race condition use-after-free (CVE-2020-14351)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239182",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1028\" TARGET=\"_blank\">RHSA-2021:1028</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1028?language=en\" TARGET=\"_blank\">RHSA-2021:1028: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel (RHSA-2021:1028)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1028",

"URL": "https://access.redhat.com/errata/RHSA-2021:1028?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-5482",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482"

}

},

"DIAGNOSIS": "The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.<P>Security Fix(es): curl: heap buffer overflow in function tftp_receive_packet()<br/>(CVE-2019-5482)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239183",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1027\" TARGET=\"_blank\">RHSA-2021:1027</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1027?language=en\" TARGET=\"_blank\">RHSA-2021:1027: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for curl (RHSA-2021:1027)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1027",

"URL": "https://access.redhat.com/errata/RHSA-2021:1027?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-11756",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11756"

},

{

"ID": "CVE-2019-17006",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006"

},

{

"ID": "CVE-2020-12403",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12403"

}

]

},

"DIAGNOSIS": "The nss-softokn package provides the Network Security Services Softoken Cryptographic Module.<P>Security Fix(es): nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)\n nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)\n nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239184",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1026\" TARGET=\"_blank\">RHSA-2021:1026</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1026?language=en\" TARGET=\"_blank\">RHSA-2021:1026: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for nss-softokn (RHSA-2021:1026)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1026",

"URL": "https://access.redhat.com/errata/RHSA-2021:1026?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"

},

{

"ID": "CVE-2021-3450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450"

}

]

},

"DIAGNOSIS": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)<br/>and Transport Layer Security (TLS)<br/>protocols, as well as a full-strength general-purpose cryptography library.<P>Security Fix(es): openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:05:45Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239185",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1024\" TARGET=\"_blank\">RHSA-2021:1024</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1024?language=en\" TARGET=\"_blank\">RHSA-2021:1024: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for Open Secure Sockets Layer (OpenSSL) (RHSA-2021:1024)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1024",

"URL": "https://access.redhat.com/errata/RHSA-2021:1024?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.<P>Security Fix(es): flatpak: &quot;file forwarding&quot; feature can be used to gain unprivileged access to files (CVE-2021-21381)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Scientific Computing 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239186",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1002\" TARGET=\"_blank\">RHSA-2021:1002</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1002?language=en\" TARGET=\"_blank\">RHSA-2021:1002: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for flatpak (RHSA-2021:1002)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1002",

"URL": "https://access.redhat.com/errata/RHSA-2021:1002?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.0.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239187",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0996\" TARGET=\"_blank\">RHSA-2021:0996</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0996?language=en\" TARGET=\"_blank\">RHSA-2021:0996: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:0996)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0996",

"URL": "https://access.redhat.com/errata/RHSA-2021:0996?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.0.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239188",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0995\" TARGET=\"_blank\">RHSA-2021:0995</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0995?language=en\" TARGET=\"_blank\">RHSA-2021:0995: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:0995)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0995",

"URL": "https://access.redhat.com/errata/RHSA-2021:0995?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.0.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64<br/>Red Hat Enterprise Linux Server - AUS 8.2 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 8.2 x86_64<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239189",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0994\" TARGET=\"_blank\">RHSA-2021:0994</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0994?language=en\" TARGET=\"_blank\">RHSA-2021:0994: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:0994)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0994",

"URL": "https://access.redhat.com/errata/RHSA-2021:0994?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.0.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239190",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0993\" TARGET=\"_blank\">RHSA-2021:0993</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0993?language=en\" TARGET=\"_blank\">RHSA-2021:0993: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:0993)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0993",

"URL": "https://access.redhat.com/errata/RHSA-2021:0993?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.9.0 ESR.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239191",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0992\" TARGET=\"_blank\">RHSA-2021:0992</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0992?language=en\" TARGET=\"_blank\">RHSA-2021:0992: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for firefox (RHSA-2021:0992)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0992",

"URL": "https://access.redhat.com/errata/RHSA-2021:0992?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.9.0 ESR.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239192",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0991\" TARGET=\"_blank\">RHSA-2021:0991</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0991?language=en\" TARGET=\"_blank\">RHSA-2021:0991: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for firefox (RHSA-2021:0991)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0991",

"URL": "https://access.redhat.com/errata/RHSA-2021:0991?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.9.0 ESR.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239193",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0990\" TARGET=\"_blank\">RHSA-2021:0990</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0990?language=en\" TARGET=\"_blank\">RHSA-2021:0990: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for firefox (RHSA-2021:0990)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0990",

"URL": "https://access.redhat.com/errata/RHSA-2021:0990?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

}

]

},

"DIAGNOSIS": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 78.9.0 ESR.<P>Security Fix(es): Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981)\n Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987)\n Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982)\n Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64<br/>Red Hat Enterprise Linux Server - AUS 8.2 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 8.2 x86_64<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239194",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0989\" TARGET=\"_blank\">RHSA-2021:0989</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0989?language=en\" TARGET=\"_blank\">RHSA-2021:0989: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for firefox (RHSA-2021:0989)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0989",

"URL": "https://access.redhat.com/errata/RHSA-2021:0989?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-10146",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10146"

},

{

"ID": "CVE-2019-10179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10179"

},

{

"ID": "CVE-2019-10221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10221"

},

{

"ID": "CVE-2020-1721",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1721"

},

{

"ID": "CVE-2020-25715",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25715"

},

{

"ID": "CVE-2021-20179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20179"

}

]

},

"DIAGNOSIS": "The Public Key Infrastructure (PKI)<br/>Core contains fundamental packages required by Red Hat Certificate System.<P>Security Fix(es): pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n pki-core: XSS in the certificate search results (CVE-2020-25715)\n pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x<br/>Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64<br/>Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64<br/>Red Hat Enterprise Linux Server - AUS 7.7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 7.7 x86_64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239195",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "certificate_system",

"VENDOR": "redhat"

},

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0975\" TARGET=\"_blank\">RHSA-2021:0975</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0975?language=en\" TARGET=\"_blank\">RHSA-2021:0975: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for pki-core (RHSA-2021:0975)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0975",

"URL": "https://access.redhat.com/errata/RHSA-2021:0975?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20179",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20179"

}

},

"DIAGNOSIS": "The Public Key Infrastructure (PKI)<br/>Core contains fundamental packages required by Red Hat Certificate System.<P>Security Fix(es): pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239196",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "certificate_system",

"VENDOR": "redhat"

},

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0966\" TARGET=\"_blank\">RHSA-2021:0966</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0966?language=en\" TARGET=\"_blank\">RHSA-2021:0966: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for pki-core:10.6 (RHSA-2021:0966)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0966",

"URL": "https://access.redhat.com/errata/RHSA-2021:0966?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3114",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3114"

}

},

"DIAGNOSIS": "Red Hat OpenShift Container Platform is Red Hat's cloud computingKubernetes application platform solution designed for on-premise or privatecloud deployments.This advisory contains the RPM packages for Red Hat OpenShift ContainerPlatform 4.7.4. See the following advisory for the container images forthis release:https://access.redhat.com/errata/RHSA-2021:0957 All OpenShift Container Platform 4.7 users are advised to upgrade to theseupdated packages and images when they are available in the appropriaterelease channel. To check for available updates, use the OpenShift Consoleor the CLI oc command. Instructions for upgrading a cluster are availableathttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster between-minor.html#understanding-upgrade-channels_updating-cluster-between minor.\n<P>Security Fix(es): golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n<P>Affected Products: <br/><br/>Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64<br/>Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64<br/>Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le<br/>Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239197",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0958\" TARGET=\"_blank\">RHSA-2021:0958</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0958?language=en\" TARGET=\"_blank\">RHSA-2021:0958: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for OpenShift Container Platform 4.7.4 (RHSA-2021:0958)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0958",

"URL": "https://access.redhat.com/errata/RHSA-2021:0958?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-15586",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15586"

},

{

"ID": "CVE-2020-16845",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16845"

}

]

},

"DIAGNOSIS": "ed Hat OpenShift Container Platform is Red Hat's cloud computingKubernetes application platform solution designed for on-premise or privatecloud deployments.This advisory contains the RPM packages for Red Hat OpenShift ContainerPlatform 4.6.23. See the following advisory for the container images forthis release:https://access.redhat.com/errata/RHBA-2021:0952 All OpenShift Container Platform 4.6 users are advised to upgrade to theseupdated packages and images when they are available in the appropriaterelease channel. To check for available updates, use the OpenShift Consoleor the CLI oc command. Instructions for upgrading a cluster are availableathttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster between-minor.html#understanding-upgrade-channels_updating-cluster-between minor.\n<P>Security Fix(es): golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n<P>Affected Products: <br/><br/>Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64<br/>Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64<br/>Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le<br/>Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239198",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0956\" TARGET=\"_blank\">RHSA-2021:0956</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0956?language=en\" TARGET=\"_blank\">RHSA-2021:0956: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for OpenShift Container Platform 4.6.23 (RHSA-2021:0956)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0956",

"URL": "https://access.redhat.com/errata/RHSA-2021:0956?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-27813",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27813"

}

},

"DIAGNOSIS": "Red Hat OpenShift Container Platform is Red Hat's cloud computingKubernetes application platform solution designed for on-premise or privatecloud deployments.This advisory contains the RPM packages for Red Hat OpenShift ContainerPlatform 3.11.404. See the following advisory for the container images forthis release:https://access.redhat.com/errata/RHBA-2021:0832 This release fixes the following bugs: Previously, node upgrade playbooks scoped all nodes instead of just the nodes that are filtered by the `openshift_upgrade_nodes_label`. As a result, nodes that were not intended to be upgraded had yum excluders disabled but not reenabled. With this release, the initialization of the variable for filtering nodes to upgrade is moved to earlier in the play, and preconfiguration is scoped to the filtered list of nodes. As a result, only the nodes that are intended for upgrade have yum excluders disabled. (BZ#1917013)\n Previously, node-based facts, such as `l_kubelet_node_name`, were set late in the upgrade cycle, causing the fact to be undefined when referenced. With this release, node-based fact initialization happens earlier in the upgrade cycle so that facts are set prior to being referenced. (BZ#1933090)\n Previously, a bug fix in Ansible 2.9.10 changed the behavior of `delegate_to` for plays using `connection: local` with `hosts: localhost`. This change caused tasks that are intended for remote hosts to be executed locally. With this release, `connection: local` is removed for the affected play, and tasks intended for remote hosts are executed on the remote host. (BZ#1934136)\n<P>Security Fix(es): golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n<P>Affected Products: <br/><br/>Red Hat OpenShift Container Platform 3.11 x86_64<br/>Red Hat OpenShift Container Platform for Power 3.11 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239199",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0833\" TARGET=\"_blank\">RHSA-2021:0833</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0833?language=en\" TARGET=\"_blank\">RHSA-2021:0833: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for OpenShift Container Platform 3.11.404 (RHSA-2021:0833)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0833",

"URL": "https://access.redhat.com/errata/RHSA-2021:0833?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-15586",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15586"

},

{

"ID": "CVE-2020-16845",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16845"

}

]

},

"DIAGNOSIS": "Red Hat OpenShift Container Platform is Red Hat's cloud computingKubernetes application platform solution designed for on-premise or privatecloud deployments.<P>Security Fix(es): golang: Data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n<P>Affected Products: <br/><br/>Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64<br/>Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64<br/>Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le<br/>Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le<br/>Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x<br/>Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "239200",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0713\" TARGET=\"_blank\">RHSA-2021:0713</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:0713?language=en\" TARGET=\"_blank\">RHSA-2021:0713: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for OpenShift Container Platform 4.5.34 packages and (RHSA-2021:0713)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:0713",

"URL": "https://access.redhat.com/errata/RHSA-2021:0713?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"

}

},

"DIAGNOSIS": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)<br/>and Transport Layer Security (TLS)<br/>protocols, as well as a full-strength general-purpose cryptography library.<P>Security Fix(es): openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:03:44Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239201",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1131\" TARGET=\"_blank\">RHSA-2021:1131</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1131?language=en\" TARGET=\"_blank\">RHSA-2021:1131: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for Open Secure Sockets Layer (OpenSSL) (RHSA-2021:1131)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1131",

"URL": "https://access.redhat.com/errata/RHSA-2021:1131?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-0466",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0466"

},

{

"ID": "CVE-2020-27152",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27152"

},

{

"ID": "CVE-2020-28374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374"

},

{

"ID": "CVE-2021-3347",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3347"

},

{

"ID": "CVE-2021-26708",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26708"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "The kernel packages contain the Linux kernel, the core of any Linux operating system.<P>Security Fix(es): kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)\n kernel: SCSI target (LIO)<br/>write to any block on ILO backstore (CVE-2020-28374)\n kernel: Use after free via PI futex state (CVE-2021-3347)\n kernel: race conditions caused by wrong locking in net/vmw_vsock/af_vsock.c (CVE-2021-26708)\n kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n Kernel: KVM: host stack overflow due to lazy update IOAPIC (CVE-2020-27152)\n kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/>Red Hat CodeReady Linux Builder for x86_64 8 x86_64<br/>Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le<br/>Red Hat CodeReady Linux Builder for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239202",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1093\" TARGET=\"_blank\">RHSA-2021:1093</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1093?language=en\" TARGET=\"_blank\">RHSA-2021:1093: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel (RHSA-2021:1093)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1093",

"URL": "https://access.redhat.com/errata/RHSA-2021:1093?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-35518",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518"

}

},

"DIAGNOSIS": "389 Directory Server is an LDAP version 3 (LDAPv3)<br/>compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP)<br/>server and command-line utilities for server administration. <P>Security Fix(es): 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239203",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "directory_server",

"VENDOR": "redhat"

},

{

"PRODUCT": "389_directory_server",

"VENDOR": "redhat"

},

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1086\" TARGET=\"_blank\">RHSA-2021:1086</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1086?language=en\" TARGET=\"_blank\">RHSA-2021:1086: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for 389-ds:1.4 (RHSA-2021:1086)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1086",

"URL": "https://access.redhat.com/errata/RHSA-2021:1086?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-0466",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0466"

},

{

"ID": "CVE-2020-27152",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27152"

},

{

"ID": "CVE-2020-28374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374"

},

{

"ID": "CVE-2021-3347",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3347"

},

{

"ID": "CVE-2021-26708",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26708"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<P>Security Fix(es): kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)\n kernel: SCSI target (LIO)<br/>write to any block on ILO backstore (CVE-2020-28374)\n kernel: Use after free via PI futex state (CVE-2021-3347)\n kernel: race conditions caused by wrong locking in net/vmw_vsock/af_vsock.c (CVE-2021-26708)\n kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n Kernel: KVM: host stack overflow due to lazy update IOAPIC (CVE-2020-27152)\n kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for Real Time 8 x86_64<br/>Red Hat Enterprise Linux for Real Time for NFV 8 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239204",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1081\" TARGET=\"_blank\">RHSA-2021:1081</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1081?language=en\" TARGET=\"_blank\">RHSA-2021:1081: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel-rt (RHSA-2021:1081)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1081",

"URL": "https://access.redhat.com/errata/RHSA-2021:1081?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.<P>Security Fix(es): flatpak: &quot;file forwarding&quot; feature can be used to gain unprivileged access to files (CVE-2021-21381)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239205",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1074\" TARGET=\"_blank\">RHSA-2021:1074</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1074?language=en\" TARGET=\"_blank\">RHSA-2021:1074: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for flatpak (RHSA-2021:1074)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1074",

"URL": "https://access.redhat.com/errata/RHSA-2021:1074?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.<P>Security Fix(es): flatpak: &quot;file forwarding&quot; feature can be used to gain unprivileged access to files (CVE-2021-21381)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64<br/>Red Hat Enterprise Linux Server - AUS 8.2 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 8.2 x86_64<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239206",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1073\" TARGET=\"_blank\">RHSA-2021:1073</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1073?language=en\" TARGET=\"_blank\">RHSA-2021:1073: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for flatpak (RHSA-2021:1073)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1073",

"URL": "https://access.redhat.com/errata/RHSA-2021:1073?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

},

"DIAGNOSIS": "The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.<P>Security Fix(es): samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Scientific Computing 7 x86_64<br/>Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239207",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1072\" TARGET=\"_blank\">RHSA-2021:1072</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1072?language=en\" TARGET=\"_blank\">RHSA-2021:1072: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for libldb (RHSA-2021:1072)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1072",

"URL": "https://access.redhat.com/errata/RHSA-2021:1072?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<P>Security Fix(es): kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for Real Time 7 x86_64<br/>Red Hat Enterprise Linux for Real Time for NFV 7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239208",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1070\" TARGET=\"_blank\">RHSA-2021:1070</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1070?language=en\" TARGET=\"_blank\">RHSA-2021:1070: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel-rt (RHSA-2021:1070)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1070",

"URL": "https://access.redhat.com/errata/RHSA-2021:1070?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.<P>Security Fix(es): kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239209",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1069\" TARGET=\"_blank\">RHSA-2021:1069</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1069?language=en\" TARGET=\"_blank\">RHSA-2021:1069: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kpatch-patch (RHSA-2021:1069)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1069",

"URL": "https://access.redhat.com/errata/RHSA-2021:1069?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.<P>Security Fix(es): flatpak: &quot;file forwarding&quot; feature can be used to gain unprivileged access to files (CVE-2021-21381)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239210",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1068\" TARGET=\"_blank\">RHSA-2021:1068</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1068?language=en\" TARGET=\"_blank\">RHSA-2021:1068: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for flatpak (RHSA-2021:1068)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1068",

"URL": "https://access.redhat.com/errata/RHSA-2021:1068?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20295",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20295"

}

},

"DIAGNOSIS": "Kernel-based Virtual Machine (KVM)<br/>offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.<P>Security Fix(es): QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3 (CVE-2021-20295)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/>Red Hat CodeReady Linux Builder for x86_64 8 x86_64<br/>Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le<br/>Red Hat CodeReady Linux Builder for ARM 64 8 aarch64<br/>Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239211",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1064\" TARGET=\"_blank\">RHSA-2021:1064</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1064?language=en\" TARGET=\"_blank\">RHSA-2021:1064: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for virt:rhel and virt-devel:rhel (RHSA-2021:1064)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1064",

"URL": "https://access.redhat.com/errata/RHSA-2021:1064?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3121",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121"

}

},

"DIAGNOSIS": "Red Hat OpenShift Container Platform is Red Hat's cloud computingKubernetes application platform solution designed for on-premise or privatecloud deployments.This advisory contains the RPM packages for Red Hat OpenShift ContainerPlatform 4.7.5. See the following advisory for the container images forthis release:https://access.redhat.com/errata/RHSA-2021:1005 All OpenShift Container Platform 4.7 users are advised to upgrade to theseupdated packages and images when they are available in the appropriaterelease channel. To check for available updates, use the OpenShift Consoleor the CLI oc command. Instructions for upgrading a cluster are availableathttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor <P>Security Fix(es): gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n<P>Affected Products: <br/><br/>Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64<br/>Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64<br/>Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le<br/>Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "239212",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1006\" TARGET=\"_blank\">RHSA-2021:1006</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1006?language=en\" TARGET=\"_blank\">RHSA-2021:1006: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for OpenShift Container Platform 4.7.5 (RHSA-2021:1006)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1006",

"URL": "https://access.redhat.com/errata/RHSA-2021:1006?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.<P>Security Fix(es): kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "239213",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1173\" TARGET=\"_blank\">RHSA-2021:1173</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1173?language=en\" TARGET=\"_blank\">RHSA-2021:1173: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kpatch-patch (RHSA-2021:1173)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1173",

"URL": "https://access.redhat.com/errata/RHSA-2021:1173?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "The kernel packages contain the Linux kernel, the core of any Linux operating system.<P>Security Fix(es): kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/>Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "239214",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1171\" TARGET=\"_blank\">RHSA-2021:1171</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1171?language=en\" TARGET=\"_blank\">RHSA-2021:1171: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel (RHSA-2021:1171)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1171",

"URL": "https://access.redhat.com/errata/RHSA-2021:1171?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305"

}

},

"DIAGNOSIS": "Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.<P>Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Scientific Computing 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "239215",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1145\" TARGET=\"_blank\">RHSA-2021:1145</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1145?language=en\" TARGET=\"_blank\">RHSA-2021:1145: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for nettle (RHSA-2021:1145)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1145",

"URL": "https://access.redhat.com/errata/RHSA-2021:1145?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-25097",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25097"

}

},

"DIAGNOSIS": "Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.<P>Security Fix(es): squid: improper input validation may allow a trusted client to perform HTTP request smuggling (CVE-2020-25097)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "239216",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1135\" TARGET=\"_blank\">RHSA-2021:1135</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1135?language=en\" TARGET=\"_blank\">RHSA-2021:1135: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for squid (RHSA-2021:1135)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1135",

"URL": "https://access.redhat.com/errata/RHSA-2021:1135?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

},

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

}

]

},

"DIAGNOSIS": "The kernel packages contain the Linux kernel, the core of any Linux operating system.<P>Security Fix(es): kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 7 s390x<br/>Red Hat Enterprise Linux for Power, big endian 7 ppc64<br/>Red Hat Enterprise Linux for Scientific Computing 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/>Red Hat Virtualization Host 4 for RHEL 7 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "239217",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1071\" TARGET=\"_blank\">RHSA-2021:1071</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1071?language=en\" TARGET=\"_blank\">RHSA-2021:1071: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for kernel (RHSA-2021:1071)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1071",

"URL": "https://access.redhat.com/errata/RHSA-2021:1071?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

},

"DIAGNOSIS": "The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.<P>Security Fix(es): samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239218",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1214\" TARGET=\"_blank\">RHSA-2021:1214</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1214?language=en\" TARGET=\"_blank\">RHSA-2021:1214: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for libldb (RHSA-2021:1214)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1214",

"URL": "https://access.redhat.com/errata/RHSA-2021:1214?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

},

"DIAGNOSIS": "The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.<P>Security Fix(es): samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64<br/>Red Hat Enterprise Linux Server - AUS 8.2 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 8.2 x86_64<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239219",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1213\" TARGET=\"_blank\">RHSA-2021:1213</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1213?language=en\" TARGET=\"_blank\">RHSA-2021:1213: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for libldb (RHSA-2021:1213)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1213",

"URL": "https://access.redhat.com/errata/RHSA-2021:1213?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305"

}

},

"DIAGNOSIS": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS)<br/>library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.<P>Security Fix(es): nettle: Out of bounds memory access in signature verification (CVE-2021-20305)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239220",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "enterprise_linux",

"VENDOR": "redhat"

},

{

"PRODUCT": "None",

"VENDOR": "redhat"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1206\" TARGET=\"_blank\">RHSA-2021:1206</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1206?language=en\" TARGET=\"_blank\">RHSA-2021:1206: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for gnutls and nettle (RHSA-2021:1206)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1206",

"URL": "https://access.redhat.com/errata/RHSA-2021:1206?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23991",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"

},

{

"ID": "CVE-2021-23992",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"

},

{

"ID": "CVE-2021-23993",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.1.<P>Security Fix(es): Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)\n Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)\n Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64<br/>Red Hat Enterprise Linux Server - AUS 8.2 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - TUS 8.2 x86_64<br/>Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239221",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1201\" TARGET=\"_blank\">RHSA-2021:1201</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1201?language=en\" TARGET=\"_blank\">RHSA-2021:1201: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:1201)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1201",

"URL": "https://access.redhat.com/errata/RHSA-2021:1201?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

},

"DIAGNOSIS": "The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.<P>Security Fix(es): samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for IBM z Systems 8 s390x<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239222",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1197\" TARGET=\"_blank\">RHSA-2021:1197</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1197?language=en\" TARGET=\"_blank\">RHSA-2021:1197: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for libldb (RHSA-2021:1197)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1197",

"URL": "https://access.redhat.com/errata/RHSA-2021:1197?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23991",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"

},

{

"ID": "CVE-2021-23992",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"

},

{

"ID": "CVE-2021-23993",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.1.<P>Security Fix(es): Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)\n Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)\n Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 8 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 8 ppc64le<br/>Red Hat Enterprise Linux for ARM 64 8 aarch64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239223",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1193\" TARGET=\"_blank\">RHSA-2021:1193</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1193?language=en\" TARGET=\"_blank\">RHSA-2021:1193: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:1193)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1193",

"URL": "https://access.redhat.com/errata/RHSA-2021:1193?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23991",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"

},

{

"ID": "CVE-2021-23992",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"

},

{

"ID": "CVE-2021-23993",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.1.<P>Security Fix(es): Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)\n Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)\n Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux Server 7 x86_64<br/>Red Hat Enterprise Linux Workstation 7 x86_64<br/>Red Hat Enterprise Linux Desktop 7 x86_64<br/>Red Hat Enterprise Linux for Power, little endian 7 ppc64le<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239224",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1192\" TARGET=\"_blank\">RHSA-2021:1192</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1192?language=en\" TARGET=\"_blank\">RHSA-2021:1192: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:1192)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1192",

"URL": "https://access.redhat.com/errata/RHSA-2021:1192?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "RedHat",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23991",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"

},

{

"ID": "CVE-2021-23992",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"

},

{

"ID": "CVE-2021-23993",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"

}

]

},

"DIAGNOSIS": "Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 78.9.1.<P>Security Fix(es): Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)\n Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)\n Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)\n<P>Affected Products: <br/><br/>Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64<br/>Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le<br/>Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le<br/>Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "239225",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "redhat"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://access.redhat.com/articles/11258\" TARGET=\"_blank\">Applying Package Updates to RHEL system</A> for details.<P>\n Refer to Red Hat security advisory <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1190\" TARGET=\"_blank\">RHSA-2021:1190</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://access.redhat.com/errata/RHSA-2021:1190?language=en\" TARGET=\"_blank\">RHSA-2021:1190: Red Hat Enterprise Linux</A>",

"TITLE": "Red Hat Update for thunderbird (RHSA-2021:1190)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "RHSA-2021:1190",

"URL": "https://access.redhat.com/errata/RHSA-2021:1190?language=en"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CentOS",

"CONSEQUENCE": "This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-27364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27364"

},

{

"ID": "CVE-2021-27365",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27365"

},

{

"ID": "CVE-2021-27363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27363"

}

]

},

"DIAGNOSIS": "CentOS has released security update for kernel security update to fix the vulnerabilities.<P>Affected Products:<br/><br/>centos 7<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "257073",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "linux_kernel",

"VENDOR": "linux"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory <A HREF=\"https://lists.centos.org/pipermail/centos-announce/2021-April/048298.html\" TARGET=\"_blank\">centos 7</A> for updates and patch information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.centos.org/pipermail/centos-announce/2021-April/048298.html\" TARGET=\"_blank\">CESA-2021:1071: centos 7</A>",

"TITLE": "CentOS Security Update for kernel (CESA-2021:1071)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CESA-2021:1071 centos 7",

"URL": "https://lists.centos.org/pipermail/centos-announce/2021-April/048298.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CentOS",

"CONSEQUENCE": "This vulnerability could be exploited to gain access to sensitive information also use this vulnerability to change contents or configuration on the system. Additionally this vulnerability can also be used to cause a denial of service in the form of interruptions in resource availability.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-20277",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"

}

},

"DIAGNOSIS": "CentOS has released security update for libldb security update to fix the vulnerabilities.<P>Affected Products:<br/><br/>centos 7<br/><P>Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "257074",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "centos"

}

},

"SOLUTION": "To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory <A HREF=\"https://lists.centos.org/pipermail/centos-announce/2021-April/048299.html\" TARGET=\"_blank\">centos 7</A> for updates and patch information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.centos.org/pipermail/centos-announce/2021-April/048299.html\" TARGET=\"_blank\">CESA-2021:1072: centos 7</A>",

"TITLE": "CentOS Security Update for libldb (CESA-2021:1072)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CESA-2021:1072 centos 7",

"URL": "https://lists.centos.org/pipermail/centos-announce/2021-April/048299.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to cause an unexpected reboot of the switch, leading to a DoS condition.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-3363",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3363"

}

},

"DIAGNOSIS": "<P>A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches <br/>could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n\n<P>Affected Products<br/>\nThe following Cisco products are affected if they have version prior to 2.5.5.47:\n250 Series Smart Switches\n350 Series Managed Switches\n350X Series Stackable Managed Switches\n550X Series Stackable Managed Switches\n\nNote: This is a potential check as the device model cannot be confirmed. Also this vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.\n\n<P>QID Detection Logic (Unauthenticated):<br/>The unauthenticated check tries to fetch the Cisco Smart Switch vulnerable version in response to GET request to an API, but not the model number.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "316847",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "small_buisness_switches",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-3bLk6vA\" TARGET=\"_blank\">cisco-sa-sbss-ipv6-dos-3bLk6vA</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-3bLk6vA\" TARGET=\"_blank\">cisco-sa-sbss-ipv6-dos-3bLk6vA</A>",

"TITLE": "Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability(cisco-sa-sbss-ipv6-dos-3bLk6vA)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-sbss-ipv6-dos-3bLk6vA",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-3bLk6vA"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to stop the AnyConnect process, causing a DoS condition on the device.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1450"

},

{

"ID": "CVE-2021-1428",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1428"

},

{

"ID": "CVE-2021-1429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1429"

},

{

"ID": "CVE-2021-1519",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1519"

}

]

},

"DIAGNOSIS": "<P>A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client<br/> could allow an authenticated, local attacker to cause a<br/> denial of service (DoS) condition on an affected device. <br/>To exploit this vulnerability, the attacker would need to have <br/>valid credentials on the device.\n\n<P>Affected Products<br/>\nThis vulnerability has affected all versions of the following products:<br/>\nCisco AnyConnect Secure Mobility Client for Windows<br/>\nCisco AnyConnect Secure Mobility Client for MacOS<br/>\nCisco AnyConnect Secure Mobility Client for Linux<br/>\n\n<P>QID Detection Logic (Authenticated):<br/>\nThis checks for vulnerable version of AnyConnect Mobility Client.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-17T09:34:45Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316883",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "anyconnect_secure_mobility_client",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-55AYyxYr\" TARGET=\"_blank\">cisco-sa-anyconnect-dos-55AYyxYr</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-55AYyxYr\" TARGET=\"_blank\">cisco-sa-anyconnect-dos-55AYyxYr</A>",

"TITLE": "Cisco AnyConnect Secure Mobility Client Denial of Service Vulnerability(cisco-sa-anyconnect-dos-55AYyxYr)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "cisco-sa-anyconnect-dos-55AYyxYr",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-55AYyxYr"

},

{

"ID": "cisco-sa-anyconnect-profile-AggMUCDg",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-profile-AggMUCDg"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to cause ARP requests on the device to be unsuccessful <br/>for legitimate hosts, resulting in a denial of service (DoS) condition.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1377",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1377"

}

},

"DIAGNOSIS": "<P>A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software<br/> could allow an unauthenticated, remote attacker to prevent an affected device<br/> from resolving ARP entries for legitimate hosts on the connected subnets.\n\n<P>Affected Products<br/>\nCisco devices if they were running a vulnerable release of Cisco IOS or IOS XE Software.\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "316912",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "ios",

"VENDOR": "cisco"

},

{

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE\" TARGET=\"_blank\">cisco-sa-arp-mtfhBfjE</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE\" TARGET=\"_blank\">cisco-sa-arp-mtfhBfjE</A>",

"TITLE": "Cisco IOS and IOS XE Software ARP Resource Management Exhaustion Denial of Service Vulnerability(cisco-sa-arp-mtfhBfjE)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-arp-mtfhBfjE",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute arbitrary script code in the context <br/>of the affected interface or to access sensitive, browser-based information.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1374",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1374"

}

},

"DIAGNOSIS": "<P>A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software<br/> for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct<br/> a cross-site scripting (XSS) attack against another user of the <br/>web-based management interface of an affected device.\n\n<P>Affected Products<br/>\nThe following Cisco products if they were running a vulnerable release of Cisco IOS XE Software:<br/>\nCatalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches\nCatalyst 9800 Series Wireless Controllers\nEmbedded Wireless Controller on Catalyst Access Points\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Not exploitable due to configuration",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP",

"MS Exchange"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "316913",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-xss-cAfMtCzv\" TARGET=\"_blank\">cisco-sa-ewlc-xss-cAfMtCzv</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-xss-cAfMtCzv\" TARGET=\"_blank\">cisco-sa-ewlc-xss-cAfMtCzv</A>",

"TITLE": "Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability(cisco-sa-ewlc-xss-cAfMtCzv)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-ewlc-xss-cAfMtCzv",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-xss-cAfMtCzv"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code on an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1390",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1390"

}

},

"DIAGNOSIS": "<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T12:30:47Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "316914",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "cisco_ios_xe",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b\" TARGET=\"_blank\">cisco-sa-XE-OFP-6Nezgn7b</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b\" TARGET=\"_blank\">cisco-sa-XE-OFP-6Nezgn7b</A>",

"TITLE": "Cisco IOS XE Software Local Privilege Escalation Vulnerability(cisco-sa-XE-OFP-6Nezgn7b)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-XE-OFP-6Nezgn7b",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1391",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1391"

}

},

"DIAGNOSIS": "<P>A vulnerability in the dragonite debugger of Cisco IOS Software and Cisco IOS XE Software<br/> could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege.\n\n<P>Affected Products<br/>\nCisco devices if they were running a vulnerable release of Cisco IOS or IOS XE Software.\nCatalyst IE3200 Rugged Series Switches\nCatalyst IE3300 Rugged Series Switches\nCatalyst IE3400 Rugged Series Switches\nCatalyst IE3400 Heavy Duty Series Switches\nEmbedded Services 3300 Series Switches (ESS 3300)\n\nNote: Potential detection, as device is not confirmed.\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "316915",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "cisco"

},

{

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

},

{

"PRODUCT": "ios",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc\" TARGET=\"_blank\">cisco-sa-XE-FSM-Yj8qJbJc</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc\" TARGET=\"_blank\">cisco-sa-XE-FSM-Yj8qJbJc</A>",

"TITLE": "Cisco IOS and IOS XE Software Privilege Escalation Vulnerability(cisco-sa-XE-FSM-Yj8qJbJc)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-XE-FSM-Yj8qJbJc",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1381"

}

},

"DIAGNOSIS": "<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T12:30:46Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "316916",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "cisco"

},

{

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-BLKH-Ouvrnf2s\" TARGET=\"_blank\">cisco-sa-XE-BLKH-Ouvrnf2s</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-BLKH-Ouvrnf2s\" TARGET=\"_blank\">cisco-sa-XE-BLKH-Ouvrnf2s</A>",

"TITLE": "Cisco IOS XE Software Active Debug Code Vulnerability(cisco-sa-XE-BLKH-Ouvrnf2s)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-XE-BLKH-Ouvrnf2s",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-BLKH-Ouvrnf2s"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to cause a system memory leak in the ICMPv6 process on the device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1229",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1229"

}

},

"DIAGNOSIS": "<P>QID Detection Logic(Authenticated):<br/>It checks for vulnerable version of Cisco NX-OS using show version Command.<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316917",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "nx-os",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq\" TARGET=\"_blank\">cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq\" TARGET=\"_blank\">cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq</A>",

"TITLE": "Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service Vulnerability(cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to perform command injection into the underlying operating system as the root user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1384",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1384"

}

},

"DIAGNOSIS": "<P>A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software <br/>could allow an authenticated, remote attacker to inject commands <br/>into the underlying operating system as the root user.\n\n<P>Affected Products<br/>\nCisco IOS XE Software releases 16.3.1 and later if they were configured with the<br/> Cisco IOx application hosting infrastructure.<br/>\nNote: The Cisco IOx application hosting infrastructure is not enabled by default.\n\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "316918",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG\" TARGET=\"_blank\">cisco-sa-iox-cmdinj-RkSURGHG</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG\" TARGET=\"_blank\">cisco-sa-iox-cmdinj-RkSURGHG</A>",

"TITLE": "Cisco IOx for IOS XE Software Command Injection Vulnerability(cisco-sa-iox-cmdinj-RkSURGHG)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-iox-cmdinj-RkSURGHG",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to cause the web management interface to become unavailable, resulting in a DoS condition.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1394",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1394"

}

},

"DIAGNOSIS": "<P>A vulnerability in the ingress traffic manager of Cisco IOS XE Software for Cisco Network Convergence System (NCS) 520 Routers<br/> could allow an unauthenticated, remote attacker to cause a denial of service <br/>(DoS) condition in the web management interface of an affected device.\n\n<P>Affected Products<br/>\nCisco NCS 520 Routers if they were running a vulnerable release of Cisco IOS XE Software and had the HTTP server enabled.<br/>\nNote: This vulnerability does not impact traffic that is going through the device or <br/>going to the Management Ethernet interface of the device\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Not exploitable due to configuration",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Unix",

"SNMP",

"MS Exchange"

]

},

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316920",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ios_xe",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB\" TARGET=\"_blank\">cisco-sa-ncs520-tcp-ZpzzOxB</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB\" TARGET=\"_blank\">cisco-sa-ncs520-tcp-ZpzzOxB</A>",

"TITLE": "Cisco IOS XE Software for Network Convergence System 520 Routers Denial of Service Vulnerability(cisco-sa-ncs520-tcp-ZpzzOxB)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-ncs520-tcp-ZpzzOxB",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB"

}

},

"VULN_TYPE": "Vulnerability or Potential Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "Successful exploitation allows attacker to execute arbitrary code on the underlying operating system with root privileges.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1137",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1137"

},

{

"ID": "CVE-2021-1479",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1479"

},

{

"ID": "CVE-2021-1480",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1480"

}

]

},

"DIAGNOSIS": "A remote code execution vulnerability exists in a remote management component of Cisco SD-WAN vManage Software<br/>\nA Privilege Escalation vulnerability exists in the user management function of Cisco SD-WAN Software<br/>\nA Privilege Escalation vulnerability exists in the system file transfer functions of Cisco SD-WAN<P>\n<P>Affected Products<br/>\nCisco SD-WAN vManage Software releases earlier than the following releases:<br/>\nFrom 0.0.0 Prior To 19.2.4<br/>\nVersion 19.3.x all versions<br/>\nFrom 20.0.0 Prior To 20.3.3<br/>\nFrom 20.4.0 Prior To 20.4.1<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "316921",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "sd-wan",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy\" TARGET=\"_blank\">cisco-sa-vmanage-YuTVWqy</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy\" TARGET=\"_blank\">cisco-sa-vmanage-YuTVWqy</A>",

"TITLE": "Cisco SD-WAN vManage Software Vulnerabilities (cisco-sa-vmanage-YuTVWqy)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-vmanage-YuTVWqy",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux operating system of the affected device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1362",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1362"

}

},

"DIAGNOSIS": "<P>A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management<br/> Edition, Cisco Unified Communications Manager IM Presence Service, Cisco Unity Connection<br/>, and Cisco Prime License Manager could allow an authenticated, <br/>remote attacker to execute arbitrary code on an affected device.\n\n<P>Affected Products<br/>\nCisco products if they are running a vulnerable software release:\nUnified Communications Manager (Unified CM)\nUnified Communications Manager Session Management Edition (Unified CM SME)\nUnified Communications Manager IM Presence Service (Unified CM IMP)\nUnity Connection\nPrime License Manager\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches the Cisco Unified Communications Product version retrieved via Unix Auth using &quot; Active Master Version:&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316922",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "unified_communications_manager",

"VENDOR": "cisco"

},

{

"PRODUCT": "unity_connection",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb\" TARGET=\"_blank\">cisco-sa-cucm-rce-pqVYwyb</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb\" TARGET=\"_blank\">cisco-sa-cucm-rce-pqVYwyb</A>",

"TITLE": "Cisco Unified Communications Products Remote Code Execution Vulnerability(cisco-sa-cucm-rce-pqVYwyb)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-cucm-rce-pqVYwyb",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux operating system of the affected device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1362",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1362"

}

},

"DIAGNOSIS": "<P>A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager IM Presence Service<br/>could allow an authenticated, <br/>remote attacker to execute arbitrary code on an affected device.\n\n<P>Affected Products<br/>\nCisco products if they are running a vulnerable software release:\nUnified Communications Manager IM Presence Service (Unified CM IMP)\n\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches the Cisco Unified Communications Product version retrieved via Unix Auth using &quot; Active Master Version:&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "316923",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "unified_communications_manager_im_and_presence_service",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb\" TARGET=\"_blank\">cisco-sa-cucm-rce-pqVYwyb</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb\" TARGET=\"_blank\">cisco-sa-cucm-rce-pqVYwyb</A>",

"TITLE": "Cisco Unified Communications Manager IM and Presence Service Remote Code Execution Vulnerability(cisco-sa-cucm-rce-pqVYwyb)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-cucm-rce-pqVYwyb",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow an attacker to escalate their privilege level to root. The attacker would need to have the administrator role on the device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1889",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1889"

}

},

"DIAGNOSIS": "<P>QID Detection Logic (Authenticated):<br/>The check matches CiscoCisco APIC version retrieved via Unix Auth using &quot;show version&quot; command. <br/>\n<P>Affected Version: <br/>\nCisco APIC Software releases earlier than 3.2(9b) and 4.1(2g).<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316924",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ccapic-restapi\" TARGET=\"_blank\">cisco-sa-20190703-ccapic-restapi</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ccapic-restapi\" TARGET=\"_blank\">cisco-sa-20190703-ccapic-restapi</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller REST API Privilege Escalation Vulnerability(cisco-sa-20190703-ccapic-restapi)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190703-ccapic-restapi",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ccapic-restapi"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute commands on the underlying Linux OS with root privileges.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1485",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1485"

}

},

"DIAGNOSIS": "<P>A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated,<br/> local attacker to inject arbitrary commands that are executed <br/>with root privileges on the underlying Linux operating system (OS) of an affected device.\n\n<P>Affected Products<br/>\nCisco IOS XR Software releases earlier than Release 7.3.1.\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco IOS XE version retrieved via Unix Auth using &quot;show version&quot; command. <br/>QID Detection Logic (Unauthenticated):<br/>The check matches Cisco IOS XE version retrieved via SNMP or TCP/IP Fingerprint or NTP or Telnet. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316925",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "ios_xr",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cmdinj-vsKGherc\" TARGET=\"_blank\">cisco-sa-xr-cmdinj-vsKGherc</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cmdinj-vsKGherc\" TARGET=\"_blank\">cisco-sa-xr-cmdinj-vsKGherc</A>",

"TITLE": "Cisco IOS XR Software Command Injection Vulnerability(cisco-sa-xr-cmdinj-vsKGherc)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-xr-cmdinj-vsKGherc",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cmdinj-vsKGherc"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "The vulnerability is due to improper handling of a type of Layer 2 control plane traffic. An attacker could exploit this vulnerability by sending crafted traffic to a host behind a leaf switch. An exploit could allow the attacker to cause a DoS condition on the affected device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-6457",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6457"

}

},

"DIAGNOSIS": "<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command. \n<P>Affected Version: <br/>\nAPIC version 1.2(2x) prior to 1.2(2j)<br/>\nAPIC version 1.2(3x) prior to 1.2(3l)<br/>\nAPIC version 1.3(1x) prior to 1.3(1j)<br/>\nAPIC version 1.3(2x) prior to 1.3(2j)<br/>\nAPIC version 2.0(1x) prior to 2.0(1r)<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:24Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-15T14:56:24Z",

"QID": "316926",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic\" TARGET=\"_blank\">cisco-sa-20161102-n9kapic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic\" TARGET=\"_blank\">cisco-sa-20161102-n9kapic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability(cisco-sa-20161102-n9kapic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20161102-n9kapic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "The vulnerability is due to improper handling of a type of Layer 2 control plane traffic. An attacker could exploit this vulnerability by sending crafted traffic to a host behind a leaf switch. An exploit could allow the attacker to cause a DoS condition on the affected device.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-6457",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6457"

}

},

"DIAGNOSIS": "<P>QID Detection Logic(Authenticated):<br/>It checks for vulnerable version of Cisco NX-OS using show version Command.<br/>\nAffected Version:<br/>\nCisco NX-OS with ACI mode version 11.2(2x) prior to 11.2(2j)<br/>\nCisco NX-OS with ACI mode version 11.2(3x) prior to 11.2(3l)<br/>\nCisco NX-OS with ACI mode version 11.3(1x)) prior to 11.3(1j)<br/>\nCisco NX-OS with ACI mode version 11.3(2x) prior to 11.3(2j)<br/>\nCisco NX-OS with ACI mode version 12.0(1x) prior to 12.0(1r)<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "316927",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "nxos_aci_mode",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic\" TARGET=\"_blank\">cisco-sa-20161102-n9kapic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic\" TARGET=\"_blank\">cisco-sa-20161102-n9kapic</A>",

"TITLE": "Cisco NX-OS with ACI mode Denial of Service Vulnerability(cisco-sa-20161102-n9kapic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20161102-n9kapic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute arbitrary script code in the context<br/> of the affected interface or access sensitive browser-based information.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-1408",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1408"

},

{

"ID": "CVE-2021-1380",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1380"

},

{

"ID": "CVE-2021-1409",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1409"

},

{

"ID": "CVE-2021-1407",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1407"

}

]

},

"DIAGNOSIS": "<P>Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM),<br/> Cisco Unified Communications Manager IM Presence Service (Unified CM IMP), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), <br/>and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user.\n\n<P>Affected Products: <br/>\nCisco Product\t Vulnerable Releases\t CVE IDs\nUnified CM\t Earlier than 14\t CVE-2021-1380, CVE-2021-1407, CVE-2021-1408, CVE-2021-1409\nUnified CM SME\tEarlier than 14 CVE-2021-1380, CVE-2021-1407, CVE-2021-1408, CVE-2021-1409\nUnity Connection\tEarlier than 14 CVE-2021-1380, CVE-2021-1409\n \n<P>QID Detection Logic (Authenticated):<br/>The check matches the Cisco Unified Communications Product version retrieved via Unix Auth using &quot; Active Master Version:&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316928",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "unified_communications_manager",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ\" TARGET=\"_blank\">cisco-sa-cucm-xss-Q4PZcNzJ</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ\" TARGET=\"_blank\">cisco-sa-cucm-xss-Q4PZcNzJ</A>",

"TITLE": "Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities(cisco-sa-cucm-xss-Q4PZcNzJ)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-cucm-xss-Q4PZcNzJ",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1682",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1682"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller (APIC) Software release prior to 3.2(6i) or 4.1(1i)\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316929",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-priv-escalation\" TARGET=\"_blank\">cisco-sa-20190501-apic-priv-escalation</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-priv-escalation\" TARGET=\"_blank\">cisco-sa-20190501-apic-priv-escalation</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability(cisco-sa-20190501-apic-priv-escalation)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190501-apic-priv-escalation",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-priv-escalation"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. <P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-3139",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3139"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco APIC releases prior to the first fixed software Release 4.2(3j)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "316930",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iptable-bypass-GxW88XjL\" TARGET=\"_blank\">cisco-sa-iptable-bypass-GxW88XjL</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iptable-bypass-GxW88XjL\" TARGET=\"_blank\">cisco-sa-iptable-bypass-GxW88XjL</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Out Of Band Management IP Tables Bypass Vulnerability(cisco-sa-iptable-bypass-GxW88XjL)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-iptable-bypass-GxW88XjL",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iptable-bypass-GxW88XjL"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1838",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1838"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 3.2(5d) and 4.0(3d)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316931",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-xss\" TARGET=\"_blank\">cisco-sa-20190501-apic-xss</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-xss\" TARGET=\"_blank\">cisco-sa-20190501-apic-xss</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability(cisco-sa-20190501-apic-xss)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190501-apic-xss",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-xss"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1692",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1692"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 4.1(0.88a) and 8.3(1)S6<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316932",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-info-disc\" TARGET=\"_blank\">cisco-sa-20190501-apic-info-disc</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-info-disc\" TARGET=\"_blank\">cisco-sa-20190501-apic-info-disc</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage Information Disclosure Vulnerability(cisco-sa-20190501-apic-info-disc)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190501-apic-info-disc",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-info-disc"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1586",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1586"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 4.1(0.90a)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316933",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-encrypt\" TARGET=\"_blank\">cisco-sa-20190501-apic-encrypt</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-encrypt\" TARGET=\"_blank\">cisco-sa-20190501-apic-encrypt</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Recoverable Encryption Key Vulnerability(cisco-sa-20190501-apic-encrypt)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190501-apic-encrypt",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-encrypt"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-1690",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1690"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 3.2(2l) and 8.3(1)S6<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316934",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6\" TARGET=\"_blank\">cisco-sa-20190306-apic-ipv6</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6\" TARGET=\"_blank\">cisco-sa-20190306-apic-ipv6</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability(cisco-sa-20190306-apic-ipv6)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20190306-apic-ipv6",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2017-12352",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12352"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 2.3(1f)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316935",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-apic\" TARGET=\"_blank\">cisco-sa-20171129-apic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-apic\" TARGET=\"_blank\">cisco-sa-20171129-apic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation Vulnerability(cisco-sa-20171129-apic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20171129-apic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-apic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2017-6767",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6767"

},

{

"ID": "CVE-2017-6768",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6768"

}

]

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 2.2(2e) and 2.3 prior to 2.3(1f)<br/>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316937",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1\" TARGET=\"_blank\">cisco-sa-20170816-apic1</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1\" TARGET=\"_blank\">cisco-sa-20170816-apic1</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability(cisco-sa-20170816-apic1,cisco-sa-20170816-apic2)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "cisco-sa-20170816-apic2",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic2"

},

{

"ID": "cisco-sa-20170816-apic1",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-6413",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6413"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 1.3(2f)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316938",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-apic\" TARGET=\"_blank\">cisco-sa-20160921-apic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-apic\" TARGET=\"_blank\">cisco-sa-20160921-apic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Binary Privilege Escalation Vulnerability(cisco-sa-20160921-apic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20160921-apic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-apic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2016-1420",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1420"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller (APIC) Software releases prior to 1.3(2f)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316939",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "application_policy_infrastructure_controller_firmware",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic\" TARGET=\"_blank\">cisco-sa-20160609-apic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic\" TARGET=\"_blank\">cisco-sa-20160609-apic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability(cisco-sa-20160609-apic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20160609-apic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2015-6424",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6424"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 1.1(0.920a)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316940",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic\" TARGET=\"_blank\">cisco-sa-20151216-apic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic\" TARGET=\"_blank\">cisco-sa-20151216-apic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Insecure Credentials Vulnerability(cisco-sa-20151216-apic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20151216-apic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A vulnerability in SSH key handling for user accounts in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to elevate privileges.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2015-6333",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6333"

}

},

"DIAGNOSIS": "Affected Versions:<br/>\nCisco Application Policy Infrastructure Controller Version 1.1(1j)<P>\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches Cisco APIC version retrieved via Unix Auth using &quot;show version&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "316941",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "application_policy_infrastructure_controller",

"VENDOR": "cisco"

},

{

"PRODUCT": "None",

"VENDOR": "cisco"

}

]

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic\" TARGET=\"_blank\">cisco-sa-20151012-apic</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic\" TARGET=\"_blank\">cisco-sa-20151012-apic</A>",

"TITLE": "Cisco Application Policy Infrastructure Controller Privilege Escalation SSH Key Vulnerability(cisco-sa-20151012-apic)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-20151012-apic",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Cisco",

"CONSEQUENCE": "A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1409",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1409"

}

},

"DIAGNOSIS": "<P>Multiple vulnerabilities in the web-based management interface of<br/> Cisco Unified Communications Manager IMPresence Service (Unified CM IMP) remote attacker to conduct<br/> a cross-site scripting (XSS) attack against an interface user.\n\n<P>Affected Products<br/>\nCisco products were affected by the following vulnerabilities. \nCisco Product \tVulnerable Releases\tCVE IDs\nUnified CM\t Earlier than 14\t CVE-2021-1380, CVE-2021-1407, CVE-2021-1408, CVE-2021-1409\nUnified CM IMP\tEarlier than 14 CVE-2021-1409\nUnified CM SME\tEarlier than 14\t CVE-2021-1380, CVE-2021-1407, CVE-2021-1408, CVE-2021-1409\nUnity Connection\tEarlier than 14\t CVE-2021-1380, CVE-2021-1409\n\n<P>QID Detection Logic (Authenticated):<br/>The check matches the Cisco Unified Communications Product version retrieved via Unix Auth using &quot; Active Master Version:&quot; command.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "316943",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "unified_communications_manager_im_and_presence_service",

"VENDOR": "cisco"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ\" TARGET=\"_blank\">cisco-sa-cucm-xss-Q4PZcNzJ</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ\" TARGET=\"_blank\">cisco-sa-cucm-xss-Q4PZcNzJ</A>",

"TITLE": "Cisco Unified Communications Manager IM and Presence Service Cross-Site Scripting Vulnerabilities(cisco-sa-cucm-xss-Q4PZcNzJ)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-cucm-xss-Q4PZcNzJ",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "AIX",

"CONSEQUENCE": "An attacker could exploit this vulnerability to eavesdrop on all encrypted communications sent overthat TLS connection.(CVE-2020-1968)<br/>\nAn attacker could exploit this vulnerability to cause the application to crash (CVE-2020-1971).",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-1968",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1968"

},

{

"ID": "CVE-2020-1971",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"

}

]

},

"DIAGNOSIS": "There are vulnerabilities in openssl.base that affect AIX.<P>\nAffected Platform:<br/>AIX 7.1, 7.2<br/>\nNote: The detection requires root privileges to run &quot;emgr -c&quot; to check for patches. In absence of such privileges, the detection may not output actual results.<P>\nQID Detection Logic (Authenticated):<br/>\nThe detection checks for installed packages version via command : - &quot;lslpp -L&quot;. It also checks for interim fixes installed using the command &quot;emgr -c&quot; or &quot;instfix -k&quot;. The detection posts vulnerable if installed package version is less than patched version and interim fixes are also not installed.<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:03:13Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:21Z",

"QID": "330079",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "aix",

"VENDOR": "ibm"

}

},

"SOLUTION": "The vendor has released fixes to <A HREF=\"https://aix.software.ibm.com/aix/efixes/security/openssl_advisory32.asc\" TARGET=\"_blank\">resolve</A> this vulnerability. \n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://aix.software.ibm.com/aix/efixes/security/openssl_advisory32.asc\" TARGET=\"_blank\">openssl_advisory32</A>",

"TITLE": "IBM AIX Multiple Vulnerabilities in Open Secure Sockets Layer (OpenSSL) (openssl_advisory32)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "openssl_advisory32",

"URL": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory32.asc"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21300",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-21300\" TARGET=\"_blank\">CVE-2021-21300 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "352255",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "git",

"VENDOR": "git-scm"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1490.html\" TARGET=\"_blank\">ALAS-2021-1490</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1490.html\" TARGET=\"_blank\">ALAS-2021-1490: Amazon Linux (git (2.18.5-2.73.amzn1) on noarch)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1490.html\" TARGET=\"_blank\">ALAS-2021-1490: Amazon Linux (git (2.18.5-2.73.amzn1) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1490.html\" TARGET=\"_blank\">ALAS-2021-1490: Amazon Linux (git (2.18.5-2.73.amzn1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1490.html\" TARGET=\"_blank\">ALAS-2021-1490: Amazon Linux (git (2.18.5-2.73.amzn1) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for git: ALAS-2021-1490",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1490",

"URL": "https://alas.aws.amazon.com/ALAS-2021-1490.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

}

]

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9484\" TARGET=\"_blank\">CVE-2020-9484 </A>)</P><P>When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-25122\" TARGET=\"_blank\">CVE-2021-25122 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "352256",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "ubuntu_linux",

"VENDOR": "canonical"

},

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1491.html\" TARGET=\"_blank\">ALAS-2021-1491</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1491.html\" TARGET=\"_blank\">ALAS-2021-1491: Amazon Linux (tomcat8 (8.5.63-1.87.amzn1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1491.html\" TARGET=\"_blank\">ALAS-2021-1491: Amazon Linux (tomcat8 (8.5.63-1.87.amzn1) on noarch)</A>",

"TITLE": "Amazon Linux Security Advisory for tomcat8: ALAS-2021-1491",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1491",

"URL": "https://alas.aws.amazon.com/ALAS-2021-1491.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21300",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-21300\" TARGET=\"_blank\">CVE-2021-21300 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "352257",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "git",

"VENDOR": "git-scm"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621: Amazon Linux 2 (git (2.23.4-1.amzn2.0.1) on noarch)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621: Amazon Linux 2 (git (2.23.4-1.amzn2.0.1) on aarch64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621: Amazon Linux 2 (git (2.23.4-1.amzn2.0.1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621: Amazon Linux 2 (git (2.23.4-1.amzn2.0.1) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html\" TARGET=\"_blank\">ALAS-2021-1621: Amazon Linux 2 (git (2.23.4-1.amzn2.0.1) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for git: ALAS2-2021-1621",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1621",

"URL": "https://alas.aws.amazon.com/AL2/ALAS-2021-1621.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-3449",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449"

},

{

"ID": "CVE-2021-3450",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450"

}

]

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-3449\" TARGET=\"_blank\">CVE-2021-3449 </A>)</P><P>A flaw was found in openssl. The flag that enables additional security checks of certificates present in a certificate chain was not enabled allowing a confirmation step to verify that certificates in the chain are valid CA certificates is bypassed. The highest threat from this vulnerability is to data confidentiality and integrity. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-3450\" TARGET=\"_blank\">CVE-2021-3450 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-18T20:04:28Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "352258",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "openssl",

"VENDOR": "openssl"

},

{

"PRODUCT": "None",

"VENDOR": "openssl"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html\" TARGET=\"_blank\">ALAS-2021-1622</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html\" TARGET=\"_blank\">ALAS-2021-1622: Amazon Linux 2 (openssl11 (1.1.1g-12.amzn2.0.3) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html\" TARGET=\"_blank\">ALAS-2021-1622: Amazon Linux 2 (openssl11 (1.1.1g-12.amzn2.0.3) on aarch64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html\" TARGET=\"_blank\">ALAS-2021-1622: Amazon Linux 2 (openssl11 (1.1.1g-12.amzn2.0.3) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html\" TARGET=\"_blank\">ALAS-2021-1622: Amazon Linux 2 (openssl11 (1.1.1g-12.amzn2.0.3) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for Open Secure Sockets Layer (OpenSSL11): ALAS2-2021-1622",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1622",

"URL": "https://alas.aws.amazon.com/AL2/ALAS-2021-1622.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-26937",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A flaw was found in screen. A specially crafted sequence of combining characters could cause an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-26937\" TARGET=\"_blank\">CVE-2021-26937 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "352259",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "screen",

"VENDOR": "gnu"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html\" TARGET=\"_blank\">ALAS-2021-1623</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html\" TARGET=\"_blank\">ALAS-2021-1623: Amazon Linux 2 (screen (4.1.0-0.27.20120314git3c2946.amzn2) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html\" TARGET=\"_blank\">ALAS-2021-1623: Amazon Linux 2 (screen (4.1.0-0.27.20120314git3c2946.amzn2) on aarch64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html\" TARGET=\"_blank\">ALAS-2021-1623: Amazon Linux 2 (screen (4.1.0-0.27.20120314git3c2946.amzn2) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html\" TARGET=\"_blank\">ALAS-2021-1623: Amazon Linux 2 (screen (4.1.0-0.27.20120314git3c2946.amzn2) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for screen: ALAS2-2021-1623",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1623",

"URL": "https://alas.aws.amazon.com/AL2/ALAS-2021-1623.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27803",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A flaw was found in the wpa_supplicant, in the way it processes P2P (Wi-Fi Direct) provision discovery requests. This flaw allows an attacker who is within radio range of the device running P2P discovery to cause termination of the wpa_supplicant process or potentially cause code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-27803\" TARGET=\"_blank\">CVE-2021-27803 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "352260",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "wpa_supplicant",

"VENDOR": "w1.fi"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html\" TARGET=\"_blank\">ALAS-2021-1624</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html\" TARGET=\"_blank\">ALAS-2021-1624: Amazon Linux 2 (wpa_supplicant (2.6-12.amzn2.2.1) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html\" TARGET=\"_blank\">ALAS-2021-1624: Amazon Linux 2 (wpa_supplicant (2.6-12.amzn2.2.1) on aarch64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html\" TARGET=\"_blank\">ALAS-2021-1624: Amazon Linux 2 (wpa_supplicant (2.6-12.amzn2.2.1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html\" TARGET=\"_blank\">ALAS-2021-1624: Amazon Linux 2 (wpa_supplicant (2.6-12.amzn2.2.1) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for wpa_supplicant: ALAS2-2021-1624",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1624",

"URL": "https://alas.aws.amazon.com/AL2/ALAS-2021-1624.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-26937",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A flaw was found in screen. A specially crafted sequence of combining characters could cause an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-26937\" TARGET=\"_blank\">CVE-2021-26937 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "352261",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "screen",

"VENDOR": "gnu"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1492.html\" TARGET=\"_blank\">ALAS-2021-1492</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1492.html\" TARGET=\"_blank\">ALAS-2021-1492: Amazon Linux (screen (4.0.3-19.7.amzn1) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1492.html\" TARGET=\"_blank\">ALAS-2021-1492: Amazon Linux (screen (4.0.3-19.7.amzn1) on i686)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1492.html\" TARGET=\"_blank\">ALAS-2021-1492: Amazon Linux (screen (4.0.3-19.7.amzn1) on src)</A>",

"TITLE": "Amazon Linux Security Advisory for screen: ALAS-2021-1492",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1492",

"URL": "https://alas.aws.amazon.com/ALAS-2021-1492.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-9484",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484"

},

{

"ID": "CVE-2021-25329",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329"

}

]

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9484\" TARGET=\"_blank\">CVE-2020-9484 </A>)</P><P>The fix for <A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9484\" TARGET=\"_blank\">CVE-2020-9484 </A> was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to <A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9494\" TARGET=\"_blank\">CVE-2020-9494 </A>. Note that both the previously published prerequisites for <A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9484\" TARGET=\"_blank\">CVE-2020-9484 </A> and the previously published mitigations for <A HREF=\"https://access.redhat.com/security/cve/CVE-2020-9484\" TARGET=\"_blank\">CVE-2020-9484 </A> also apply to this issue. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-25329\" TARGET=\"_blank\">CVE-2021-25329 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "352262",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "ubuntu_linux",

"VENDOR": "canonical"

},

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1493.html\" TARGET=\"_blank\">ALAS-2021-1493</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1493.html\" TARGET=\"_blank\">ALAS-2021-1493: Amazon Linux (tomcat7 (7.0.108-1.40.amzn1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/ALAS-2021-1493.html\" TARGET=\"_blank\">ALAS-2021-1493: Amazon Linux (tomcat7 (7.0.108-1.40.amzn1) on noarch)</A>",

"TITLE": "Amazon Linux Security Advisory for tomcat7: ALAS-2021-1493",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1493",

"URL": "https://alas.aws.amazon.com/ALAS-2021-1493.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Amazon Linux",

"CONSEQUENCE": "Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21381",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381"

}

},

"DIAGNOSIS": "&lt;DIV&gt;\n Issue Overview:\n <P>A sandbox escape flaw was found in the way flatpak handled special tokens in &quot;.desktop&quot; files. This flaw allows an attacker to gain access to files that are not ordinarily allowed by the app's permissions. The highest threat from this vulnerability is to confidentiality and integrity. (<A HREF=\"https://access.redhat.com/security/cve/CVE-2021-21381\" TARGET=\"_blank\">CVE-2021-21381 </A>)</P>\n &lt;/DIV&gt;",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "352263",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "fedora",

"VENDOR": "fedoraproject"

},

{

"PRODUCT": "flatpak",

"VENDOR": "flatpak"

}

]

},

"SOLUTION": "Please refer to Amazon advisory <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html\" TARGET=\"_blank\">ALAS-2021-1625</A> for affected packages and patching details, or update with your package manager.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html\" TARGET=\"_blank\">ALAS-2021-1625: Amazon Linux 2 (flatpak (1.0.9-10.amzn2.0.1) on x86_64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html\" TARGET=\"_blank\">ALAS-2021-1625: Amazon Linux 2 (flatpak (1.0.9-10.amzn2.0.1) on aarch64)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html\" TARGET=\"_blank\">ALAS-2021-1625: Amazon Linux 2 (flatpak (1.0.9-10.amzn2.0.1) on src)</A><P> <A HREF=\"https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html\" TARGET=\"_blank\">ALAS-2021-1625: Amazon Linux 2 (flatpak (1.0.9-10.amzn2.0.1) on i686)</A>",

"TITLE": "Amazon Linux Security Advisory for flatpak: ALAS2-2021-1625",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "ALAS-2021-1625",

"URL": "https://alas.aws.amazon.com/AL2/ALAS-2021-1625.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "This vulnerability could be exploited to change contents or configuration on the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2018-11516",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11516"

}

},

"DIAGNOSIS": "VLC is a cross-platform media player.<P>\n\nA remote user can create a specially crafted swf file that, when loaded by the target user, will trigger a heap use after free in Demux() (demux/avformat/demux.c)\n\nAffected Versions:<br/>\nVLC media player 3.0.0 and 3.0.1",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "375218",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "vlc",

"VENDOR": "videolan"

}

},

"SOLUTION": "The vendor has released updates to resolve this issue. Refer to <A HREF=\"https://www.videolan.org/security/sa1801.html\" TARGET=\"_blank\">Security Advisory 1801</A> to obtain additional details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.videolan.org/security/sa1801.html\" TARGET=\"_blank\">Security Advisory 1801</A>",

"TITLE": "VLC Media Player Remote Code Execution Vulnerability (VideoLAN-SA-1801)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "VideoLAN-SA-1801",

"URL": "https://www.videolan.org/security/sa1801.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An arbitrary attacker may exploit this vulnerability to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-12695",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695"

}

},

"DIAGNOSIS": "Euler has released security update for wpa_supplicant to fix the vulnerabilities.<P>\nAffected OS: EulerOS V2.0SP2<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375223",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "wpa_supplicant",

"VENDOR": "euleros"

}

},

"SOLUTION": "The Vendor has released security update to fix the vulnerability. For more information please visit <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1372\" TARGET=\"_blank\">EulerOS-SA-2021-1372</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1372\" TARGET=\"_blank\">EulerOS-SA-2021-1372</A>",

"TITLE": "EulerOS Security Update for wpa_supplicant (EulerOS-SA-2021-1372)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "EulerOS-SA-2021-1372",

"URL": "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1372"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An arbitrary attacker may exploit this vulnerability to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2018-17407",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407"

}

},

"DIAGNOSIS": "Euler has released security update for texlive to fix the vulnerabilities.<P>\nAffected OS: EulerOS V2.0SP2<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-29T12:31:59Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375227",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "texlive",

"VENDOR": "euleros"

}

},

"SOLUTION": "The Vendor has released security update to fix the vulnerability. For more information please visit <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1368\" TARGET=\"_blank\">EulerOS-SA-2021-1368</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1368\" TARGET=\"_blank\">EulerOS-SA-2021-1368</A>",

"TITLE": "EulerOS Security Update for texlive (EulerOS-SA-2021-1368)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "EulerOS-SA-2021-1368",

"URL": "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1368"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An arbitrary attacker may exploit this vulnerability to compromise the system.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2018-11782",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11782"

}

},

"DIAGNOSIS": "Euler has released security update for subversion to fix the vulnerabilities.<P>\nAffected OS: EulerOS V2.0SP2<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375230",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "subversion",

"VENDOR": "euleros"

}

},

"SOLUTION": "The Vendor has released security update to fix the vulnerability. For more information please visit <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1365\" TARGET=\"_blank\">EulerOS-SA-2021-1365</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1365\" TARGET=\"_blank\">EulerOS-SA-2021-1365</A>",

"TITLE": "EulerOS Security Update for subversion (EulerOS-SA-2021-1365)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "EulerOS-SA-2021-1365",

"URL": "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1365"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An arbitrary attacker may exploit this vulnerability to compromise the system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution - The Exploit-DB Ref : 49754",

"LINK": "http://www.exploit-db.com/exploits/49754",

"REF": "CVE-2020-12352"

}

},

"SRC_NAME": "The Exploit-DB"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36158",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36158"

},

{

"ID": "CVE-2020-25656",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25656"

},

{

"ID": "CVE-2020-14351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14351"

},

{

"ID": "CVE-2020-27777",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27777"

},

{

"ID": "CVE-2020-29661",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29661"

},

{

"ID": "CVE-2020-29660",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29660"

},

{

"ID": "CVE-2019-20934",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20934"

},

{

"ID": "CVE-2020-27786",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27786"

},

{

"ID": "CVE-2020-29371",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29371"

},

{

"ID": "CVE-2019-9456",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9456"

},

{

"ID": "CVE-2020-10773",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10773"

},

{

"ID": "CVE-2020-12114",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12114"

},

{

"ID": "CVE-2020-14305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14305"

},

{

"ID": "CVE-2020-15436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15436"

},

{

"ID": "CVE-2020-15437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15437"

},

{

"ID": "CVE-2020-28915",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28915"

},

{

"ID": "CVE-2020-28974",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28974"

},

{

"ID": "CVE-2020-0305",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0305"

},

{

"ID": "CVE-2020-12352",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12352"

}

]

},

"DIAGNOSIS": "Euler has released security update for kernel to fix the vulnerabilities.<P>\nAffected OS: EulerOS V2.0SP2<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375284",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "kernel",

"VENDOR": "euleros"

}

},

"SOLUTION": "The Vendor has released security update to fix the vulnerability. For more information please visit <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1311\" TARGET=\"_blank\">EulerOS-SA-2021-1311</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1311\" TARGET=\"_blank\">EulerOS-SA-2021-1311</A>",

"TITLE": "EulerOS Security Update for kernel (EulerOS-SA-2021-1311)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "EulerOS-SA-2021-1311",

"URL": "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1311"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability can lead to local privilege escalation.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-3162",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3162"

}

},

"DIAGNOSIS": "Docker Desktop Community on macOS mishandles certificate checking, leading to local privilege escalation.<P>\nAffecetd Version:<br/>Docker Desktop Community before 2.5.0.0 on MacOSX<P>\nQID Detection Logic:(Authenticated)<br/>It checks for vulnerable version of Docker.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375318",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "docker",

"VENDOR": "docker"

}

},

"SOLUTION": "The Vendor has released a fix in <A HREF=\"https://docs.docker.com/docker-for-mac/release-notes/#docker-desktop-community-2500\" TARGET=\"_blank\">Docker Desktop Community 2.5.0.0</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://desktop.docker.com/mac/stable/49427/Docker.dmg\" TARGET=\"_blank\">Docker Desktop Community</A>",

"TITLE": "Docker Desktop Community Local Privilege Escalation Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-3162",

"URL": "https://docs.docker.com/docker-for-mac/release-notes/#docker-desktop-community-2500"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "On successfully exploited it could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-27619",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27619"

}

},

"DIAGNOSIS": "Python is an interpreted, high-level and general-purpose programming language.<P>\nPython versions 3.0.0 through 3.9.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).<P>\nAffected Versions <br/>\nPython versions 3.0.0 through 3.9.0 <P>\nQID Detection Logic(Authenticated):<br/>\nThis checks for version information from patchlevel.h file for the older versions and checks for file version of py.exe for the latest series.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-03T12:30:46Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "375320",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "python",

"VENDOR": "python"

}

},

"SOLUTION": "Vendor has release fix to this issue.<br/>\nRefer to issue tracker<A HREF=\"https://bugs.python.org/issue41944\" TARGET=\"_blank\">here</A> to address this vulnerability and obtain further details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://bugs.python.org/issue41944\" TARGET=\"_blank\">CVE-2020-27619: WIndows</A>",

"TITLE": "Python 3 Denial of Service (DoS) Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2020-27619",

"URL": "https://bugs.python.org/issue41944"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "On successful exploit the attacker may cause denial of service on the affected target.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-3881",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3881"

},

{

"ID": "CVE-2021-22171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22171"

},

{

"ID": "CVE-2021-22166",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22166"

},

{

"ID": "CVE-2021-22167",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22167"

},

{

"ID": "CVE-2021-22168",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22168"

},

{

"ID": "CVE-2020-26414",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26414"

}

]

},

"DIAGNOSIS": "GitLab, the software, is a web-based Git repository manager with wiki and issue tracking features.<P>\nThe GitLab update fixes the following vulnerabilities:<br/>\n\nCVE-2021-22171 : Ability to steal a user's API access token through GitLab Pages<P>\nCVE-2021-22166 : Prometheus denial of service via HTTP request with custom method<P>\nCVE-2021-22167: Unauthorized user is able to access private repository information under specific conditions<P>\nCVE-2021-22168: Regular expression denial of service in NuGet API<P>\nCVE-2020-26414: Regular expression denial of service in package uploads<P>\n\nAffected Versions:<br/>\nGitLab Community Edition (CE) and Enterprise Edition (EE): \n CVE-2021-22171: From 11.5.0 Prior to 13.5.6 and From 13.6.0 prior to 13.6.4 and From 13.7.0 prior to 13.7.2\n CVE-2021-22166: From 13.7.0 Prior to 13.7.2 and From 13.6.0 prior to 13.6.4 and From 13.7.0 prior to 13.7.2\n CVE-2021-22167: From 12.1 Prior to 13.5.6 and From 13.6.0 prior to 13.6.4 and From 13.7.0 prior to 13.7.2\n CVE-2021-22168: From 12.8 Prior to 13.5.6 and From 13.6.0 prior to 13.6.4 and From 13.7.0 prior to 13.7.2\n CVE-2020-26414: From 12.4 Prior to 13.5.6 and From 13.6.0 prior to 13.6.4 and From 13.7.0 prior to 13.7.2\n\nQID Detection Logic:(Authenticated)<br/>\nIt fires gitlab-rake gitlab:env:info command to check vulnerable version of GitLab.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T11:33:22Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:22Z",

"QID": "375379",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "gitlab",

"VENDOR": "gitlab"

}

},

"SOLUTION": "The vendor has released patch, For more information please visit <A HREF=\"https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/\" TARGET=\"_blank\">gitlab-13-7-2 </A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/\" TARGET=\"_blank\">gitlab-13-7-2</A>",

"TITLE": "GitLab Multiple Security Vulnerabilities(gitlab-13-7-2)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "gitlab-13-7-2",

"URL": "https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation could affect confidentiality and integrity.<br/>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-22186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22186"

}

},

"DIAGNOSIS": "GitLab, the software, is a web-based Git repository manager with wiki and issue tracking features.<P>\n\nCVE-2021-22186 - An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners.<P>\n\nAffected Versions:<br/>GitLab Community Edition (CE) and Enterprise Edition (EE): <br/>\nGitLab CE/EE version version 9.4 and up, and prior to patch versions 13.9.2, 13.8.5 and 13.7.8<P>\n\nQID Detection Logic:(Authenticated)<br/>It fires gitlab-rake gitlab:env:info command to check vulnerable version of GitLab.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T01:55:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375401",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "gitlab",

"VENDOR": "gitlab"

}

},

"SOLUTION": "The vendor has released patch, For more information please visit <A HREF=\"https://about.gitlab.com/releases/2021/03/04/security-release-gitlab-13-9-2-released/\" TARGET=\"_blank\">gitlab-13-9-2 </A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://about.gitlab.com/releases/2021/03/04/security-release-gitlab-13-9-2-released/\" TARGET=\"_blank\">gitlab-13-9-2</A>",

"TITLE": "Gitlab Group Maintainers Unrestricted Access Vulnerability (gitlab-13-9-2)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "security-release-gitlab-13-9-2-released",

"URL": "https://about.gitlab.com/releases/2021/03/04/security-release-gitlab-13-9-2-released/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Application could be exposed to Out-of-Bounds Read vulnerability and crash, which could be exploited by attackers to execute remote code.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27270",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27270"

}

},

"DIAGNOSIS": "Foxit Reader is a multilingual freemium PDF tool that can create, view, edit, digitally sign, and print PDF files.<br/>\nFoxit PhantomPDF Suite is a business ready PDF toolkit, used to create professional PDF documents.<P>\n\nCVE-2021-27270 Addressed a potential issue where the application could be exposed to Out-of-Bounds Read vulnerability and crash<P>\n\nAffected versions:<br/>\nFoxit Reader 10.1.1.37576 and earlier<br/>\nFoxit PhantomPDF \t10.1.1.37576 and earlier and earlier<P>\n\nQID detection logic:(Authenticated)<br/>\nThis QID checks Windows Registry to get Foxit Reader and Foxit PhantomPDF installation path and then reads corresponding executable((FoxitReader.exe/FoxitPhantomPDF.exe)) to see if it's running a vulnerable version.<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-05T13:40:50Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375411",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "foxit_phantom",

"VENDOR": "foxit"

},

{

"PRODUCT": "foxit_reader",

"VENDOR": "foxit"

}

]

},

"SOLUTION": "The vendor has issued a fix. For more information please visit <A HREF=\"https://www.foxitsoftware.com/support/security-bulletins.html\" TARGET=\"_blank\">advisory</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.foxitsoftware.com/support/security-bulletins.html\" TARGET=\"_blank\">CVE-2021-27270</A>",

"TITLE": "Foxit Reader and Foxit PhantomPDF Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-27270",

"URL": "https://www.foxitsoftware.com/support/security-bulletins.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Processing maliciously crafted web content may lead to arbitrary code execution<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1844",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1844"

}

},

"DIAGNOSIS": "<P>Safari is a Web-browser developed by Apple which is based on the WebKit engine.<br/>\n\n<P>Affected Versions:<br/>\nApple safari 14.0.3 prior build number 14610.4.3.1.7 on macOS Mojave and 15610.4.3.1.7 on macOS Catalina.<br/>\n\n<P>Fixed versions: <br/>\nThe build number for Safari 14.0.3 is 14610.4.3.1.7 on macOS Mojave and 15610.4.3.1.7 on macOS Catalina.<br/>\n\n<P>QID Detection Logic (Authenticated)<br/>\nThis checks for vulnerable versions of Apple Safari <P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "375421",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "safari",

"VENDOR": "apple"

}

},

"SOLUTION": "The apple browser safari need to be upgrade to latest build number for Safari 14.0.3 is 14610.4.3.1.7 on macOS Mojave and 15610.4.3.1.7 on macOS Catalina.<br/>\n\nFor more information regarding the update <A HREF=\"https://support.apple.com/en-us/HT212223\" TARGET=\"_blank\">HT212223</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.apple.com/en-us/HT212223\" TARGET=\"_blank\">HT212223</A>",

"TITLE": "Apple Safari Arbitrary Code Execution Vulnerability(HT212223)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "HT212223",

"URL": "https://support.apple.com/en-us/HT212223"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "On Successful exploitation a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2011-3333",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3333"

}

},

"DIAGNOSIS": "VLC is a cross-platform media player.<P>\n\nA remote user could create a specifically crafted file that could trigger some various issues, notably 2 read buffer overflows, and some invalid pointers being dereferenced.\n\nAffected Versions:<br/>\nVLC Prior to 1.1.11<P>\n\nQID Detection Logic (Authentication)<br/>\nThis QID Checks For Vulnerable Version Of VLC",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-13T11:42:09Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375424",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "vlc_media_player",

"VENDOR": "vlc"

}

},

"SOLUTION": "The vendor has released updates to resolve this issue. Refer to <A HREF=\"https://www.videolan.org/security/sa1107.html\" TARGET=\"_blank\">Security Advisory VideoLAN-SA-1107</A> to obtain additional details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.videolan.org/security/sa1107.html\" TARGET=\"_blank\">VideoLAN-SA-1107: Windows</A>",

"TITLE": "VideoLAN VLC NULL Dereference Vulnerability (VideoLAN-SA-1107)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "VideoLAN-SA-1107",

"URL": "https://www.videolan.org/security/sa1107.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all BI Publisher accessible data as well as unauthorized update, insert or delete access to some of BI Publisher accessible data.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-14880",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14880"

},

{

"ID": "CVE-2020-14784",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14784"

},

{

"ID": "CVE-2020-14842",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14842"

},

{

"ID": "CVE-2020-14780",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14780"

},

{

"ID": "CVE-2020-14879",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14879"

},

{

"ID": "CVE-2019-11358",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358"

}

]

},

"DIAGNOSIS": "Oracle BI Publisher is a strategic enterprise reporting product from Oracle that provides the ability to create and manage highly formatted reports from a wide range of data sources.<P>\nCVE-2020-14880: Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0.<br/>\nCVE-2020-14784: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0<br/>\nCVE-2020-14842: Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security)<br/>\nCVE-2020-14780: Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security)<br/>\nCVE-2020-14879: Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO)<br/>\nCVE-2019-11358: Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security (jQuery)).<P>\n\nAffected Version:<br/>\nOracle BI Publisher Versions 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0<P>\n\nDetection Logic(Authenticated):<br/>\nThis QID will check the version detail from registry value.\n\nNOTE: Oracle BI Publisher version 5.5.0.0.0 is not supported in this QID.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-01T13:01:30Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "375425",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "bi publisher",

"VENDOR": "ibm"

}

},

"SOLUTION": "The vendor has released patches. Please visit <A HREF=\"https://www.oracle.com/security-alerts/cpuoct2020.html\" TARGET=\"_blank\">CPUOCT2020</A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.oracle.com/security-alerts/cpuoct2020.html\" TARGET=\"_blank\">CPUOCT2020</A>",

"TITLE": "Oracle BI Publisher Multiple Vulnerabilities(CPUOCT2020)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CPUOCT2020",

"URL": "https://www.oracle.com/security-alerts/cpuoct2020.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21194"

},

{

"ID": "CVE-2021-21195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21195"

},

{

"ID": "CVE-2021-21196",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21196"

},

{

"ID": "CVE-2021-21197",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21197"

},

{

"ID": "CVE-2021-21198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21198"

},

{

"ID": "CVE-2021-21199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21199"

}

]

},

"DIAGNOSIS": "Google Chrome is a web browser for multiple platforms developed by Google.<P>\n\nAffected Versions:<br/>\nGoogle Chrome Prior to 89.0.4389.114<P>\n\nQID Detection Logic(Authenticated):<br/>\nThis QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:14:09Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-01T13:01:30Z",

"QID": "375426",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Customers are advised to upgrade to latest version 89.0.4389.114<br/>For further details refer to <A HREF=\"https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html\" TARGET=\"_blank\">Google Chrome89.0.4389.114</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html\" TARGET=\"_blank\">89.0.4389.114</A>",

"TITLE": "Google Chrome Prior To 89.0.4389.114 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "89.0.4389.114",

"URL": "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-25756",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25756"

}

},

"DIAGNOSIS": "IntelliJ IDEA is an integrated development environment written in Java for developing computer software<P>\n\nAffected Versions:<br/>\nBefore 2020.2.0.0<P>\n\nQID Detection Logic(Authenticated)<br/>\nThis QID detects the vulnerable version by checking the JetBrains Intellij IDEA.exe file version.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T05:40:07Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:50Z",

"QID": "375429",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "intellij idea",

"VENDOR": "jetbrains"

}

},

"SOLUTION": "Refer to JetBrains advisory <A HREF=\"https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/\" TARGET=\"_blank\">IDEA-228726</A> for affected packages and patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/\" TARGET=\"_blank\">IDEA-228726</A>",

"TITLE": "JetBrains Intellij IDEA Unsecured HTTP Links Usage Vulnerability (IDEA-228726)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "IDEA-228726",

"URL": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation could affects on integrity, confidentiality and availability<P>",

"DIAGNOSIS": "SeaMonkey is a free and open-source Internet suite.It is a suite of applications that includes a browser and an email client.<P>\n\nSeaMonkey has released new updates to address multiple vulnerabilities.\n<P>Affected Versions: <br/>\nSeaMonkey prior to 2.53.7\n\n<P>QID Detection Logic (Authenticated) <br/>\nThis QID checks for vulnerable versions of SeaMonkey.<P>\n\nNote:Mozilla Security Updates also contains Security fixes for SeaMonkey.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "375430",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "seamonkey",

"VENDOR": "mozilla"

}

},

"SOLUTION": "The vendor has released advisory and updates to fix these vulnerabilities. Refer to <A HREF=\"https://www.seamonkey-project.org/releases/seamonkey2.53.7/\" TARGET=\"_blank\">SeaMonkey Releases </A> for more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.seamonkey-project.org/releases/seamonkey2.53.7/\" TARGET=\"_blank\">SeaMonkey Advisory</A>",

"TITLE": "SeaMonkey Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SeaMonkey Advisory",

"URL": "https://www.seamonkey-project.org/releases/seamonkey2.53.7/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability could allows attackers to bypass access control that is based on IP addresses.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-29418",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29418"

},

{

"ID": "CVE-2021-28918",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28918"

}

]

},

"DIAGNOSIS": "NPM is a package manager for the JavaScript programming language. It is the default package manager for the JavaScript runtime environment Node.js.<P>\nThe Netmask class parses and understands IPv4 CIDR blocks so they can be explored and compared.<P>\nCVE-2021-29418: The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9<br/>\n\nAffected versions:<br/>\nNetmask Package before version to 2.0.1 <P>\n\nQID Detection logic:(Authenticated)<br/>\nIt will execute command npm list | grep 'netmask' command to check the systeminformation version <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T12:04:03Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "375431",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "netmask",

"VENDOR": "npm"

}

},

"SOLUTION": "Customers are advised to update Netmask package 2.0.1 or later . Please refer the Vendor advisory link <A HREF=\"https://www.npmjs.com/package/netmask\" TARGET=\"_blank\">Netmask </A>\n\n\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.npmjs.com/package/netmask\" TARGET=\"_blank\">Netmask</A>",

"TITLE": "Npm Package Netmask Octal Input Data Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Netmask",

"URL": "https://www.npmjs.com/package/netmask"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Potentially insecure deserialization of the workspace model could lead to local code execution.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-25758",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25758"

}

},

"DIAGNOSIS": "IntelliJ IDEA is an integrated development environment written in Java for developing computer software<P>\n\nAffected Versions:<br/>\nBefore 2020.3.0.0<P>\n\nQID Detection Logic(Authenticated)<br/>\nThis QID detects the vulnerable version by checking the JetBrains Intellij IDEA.exe file version.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "375432",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "intellij idea",

"VENDOR": "jetbrains"

}

},

"SOLUTION": "Refer to JetBrains advisory <A HREF=\"https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/\" TARGET=\"_blank\">IDEA-253582</A> for affected packages and patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/\" TARGET=\"_blank\">IDEA-253582</A>",

"TITLE": "JetBrains Intellij IDEA Potentially Insecure Deserialization Vulnerability (IDEA-253582)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "IDEA-253582",

"URL": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An authenticated user can force Tableau Server to send emails to other Tableau Server users with an arbitrary URL<P>\nAn authenticated attacker with low privileges can send crafted message to Tableau Server that makes Tableau Server unresponsive for an extended period of time.<P>\nA Tableau user can craft phishing emails to other Tableau Server users.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1629",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1629"

}

},

"DIAGNOSIS": "Tableau Server is a Business Intelligence application that allows its users to organize, edit, share, and collaborate on Tableau dashboards.<P>\nTableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.<P>\nBackground image edit command cause vizql server process to crash within Tableau Server.<P>\nHTML characters are not properly encoded in emails sent to users for data driven alerts.<P>\nAffected Versions:<br/>\nTableau Server on Linux 2018.2 through 2018.2.29<br/>\nTableau Server on Linux 2018.3 through 2018.3.28<br/>\nTableau Server on Linux 2019.1 through 2019.1.26<br/>\nTableau Server on Linux 2019.2 through 2019.2.22<br/>\nTableau Server on Linux 2019.3 through 2019.3.18<br/>\nTableau Server on Linux 2019.4 through 2019.4.17<br/>\nTableau Server on Linux 2020.1 through 2020.1.14<br/>\nTableau Server on Linux 2020.2 through 2020.2.11<br/>\nTableau Server on Linux 2020.3 through 2020.3.6<br/>\nTableau Server on Linux 2020.4 through 2020.4.2<br/><P>\nTableau Server on Windows 2018.2 through 2018.2.29<br/>\nTableau Server on Windows 2018.3 through 2018.3.28<br/>\nTableau Server on Windows 2019.1 through 2019.1.26<br/>\nTableau Server on Windows 2019.2 through 2019.2.22<br/>\nTableau Server on Windows 2019.3 through 2019.3.18<br/>\nTableau Server on Windows 2019.4 through 2019.4.17<br/>\nTableau Server on Windows 2020.1 through 2020.1.14<br/>\nTableau Server on Windows 2020.2 through 2020.2.11<br/>\nTableau Server on Windows 2020.3 through 2020.3.6<br/>\nTableau Server on Windows 2020.4 through 2020.4.2<br/>\n<P>\nQID Detection Logic (Authenticated)<br/>\nThis QID checks for the file version of tabsvc.exe for Tableau Server<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "375433",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tableau_server",

"VENDOR": "tableau"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://help.salesforce.com/articleView?id=000357424&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-010</A> <A HREF=\"https://help.salesforce.com/articleView?id=000357453&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-011</A> <A HREF=\"https://help.salesforce.com/articleView?id=000357454&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-012</A>for information pertaining to remediating this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://help.salesforce.com/articleView?id=000357424&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-010</A><P> <A HREF=\"https://help.salesforce.com/articleView?id=000357453&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-011</A><P> <A HREF=\"https://help.salesforce.com/articleView?id=000357454&type=1&mode=1\" TARGET=\"_blank\">ADV-2021-012</A>",

"TITLE": "Tableau Server Multiple Vulnerabilities (ADV-2021-010,ADV-2021-011,ADV-2021-012)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "ADV-2021-010",

"URL": "https://help.salesforce.com/articleView?id=000357424&type=1&mode=1"

},

{

"ID": "ADV-2021-011",

"URL": "https://help.salesforce.com/articleView?id=000357453&type=1&mode=1"

},

{

"ID": "ADV-2021-012",

"URL": "https://help.salesforce.com/articleView?id=000357454&type=1&mode=1"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "On successful exploit the attacker may cause denial of service or unauthorized access on the affected target.",

"DIAGNOSIS": "GitLab, the software, is a web-based Git repository manager with wiki and issue tracking features.<P>\nAll versions starting from 13.9. crafted import file could read files on the server<br/>\nAll versions starting with 13.7.9. crafted Wiki page allowed attackers to read arbitrary files on the server<br/>\nAll versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge request via a specifically crafted branch name<br/>\nAll versions starting with 12.6. Under a special condition, it was possible to access data of an internal repository through a public project fork as an anonymous user<br/>\nAll versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects<br/>\nAffects versions 13.8 and later dependency on OpenSSL has been upgraded<br/>\nAll versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access<br/>\nAll versions starting with 12.9. GitLab was vulnerable to a stored XSS if scoped labels were used<br/>\nAll versions 9.0 and later dependency on PostgreSQL to be upgraded.<P>\n\nAffected Versions:<br/>\nversions starting from 13.9.<br/>\nversions starting with 13.7.9.<br/>\nversions starting from 13.4.<br/>\nversions starting with 12.6.<br/>\nversions from 13.8 and above<br/>\nversions starting from 10.6<br/>\nversions starting with 12.9.<br/>\nversions 9.0 and later.<P>\nQID Detection Logic:(Authenticated)<br/>\nIt fires gitlab-rake gitlab:env:info command to check vulnerable version of GitLab.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T11:33:22Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:22Z",

"QID": "375434",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "gitlab",

"VENDOR": "gitlab"

}

},

"SOLUTION": "The vendor has released patch, For more information please visit <A HREF=\"https://about.gitlab.com/releases/2021/03/31/security-release-gitlab-13-10-1-released/\" TARGET=\"_blank\">gitlab-13-10-1</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://about.gitlab.com/releases/2021/03/31/security-release-gitlab-13-10-1-released/\" TARGET=\"_blank\">GitLab Security Release</A>",

"TITLE": "GitLab Multiple Security Vulnerabilities(gitlab- 13-10-1)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Gitlab",

"URL": "https://about.gitlab.com/releases/2021/03/31/security-release-gitlab-13-10-1-released/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successfully exploiting these issues may allow an attacker to do an unauthorized modification ,disclosure of information.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21616",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21616"

},

{

"ID": "CVE-2021-21617",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21617"

},

{

"ID": "CVE-2021-21618",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21618"

},

{

"ID": "CVE-2021-21619",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21619"

},

{

"ID": "CVE-2021-21620",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21620"

},

{

"ID": "CVE-2021-21621",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21621"

},

{

"ID": "CVE-2021-21622",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21622"

}

]

},

"DIAGNOSIS": "<P>Jenkins is an open-source automation server written in Java. Jenkins helps to automate the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery.<P>\n\nCVE-2021-21616: Stored XSS vulnerability in Active Choices Plugin .<br/>\nCVE-2021-21617: CSRF vulnerability in Configuration Slicing Plugin .<br/>\nCVE-2021-21618: Stored XSS vulnerability in Repository Connector Plugin .<br/>\nCVE-2021-21619: XSS vulnerability in Claim Plugin.<br/>\nCVE-2021-21620: CSRF vulnerability in Claim Plugin.<br/>\nCVE-2021-21621: Support bundles can include user session IDs in Support Core Plugin.<br/>\nCVE-2021-21622: Stored XSS vulnerability in Artifact Repository Parameter Plugin.<br/>\n\n<P>Affected Versions:<br/>\nActive Choices Plugin up to and including 2.5.2<br/>\nArtifact Repository Parameter Plugin up to and including 1.0.0<br/>\nClaim Plugin up to and including 2.18.1<br/>\nConfiguration Slicing Plugin up to and including 1.51<br/>\nRepository Connector Plugin up to and including 2.0.2<br/>\nSupport Core Plugin up to and including 2.72<P>\n\n<P>QID Detection Logic:(Authenticated)<br/>\nThis QID checks for vulnerable versions of Jenkins plugin installed on the target.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T11:33:22Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:22Z",

"QID": "375437",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jenkins",

"VENDOR": "jenkins"

}

},

"SOLUTION": "Customer are advised to update the installed plugins in Jenkins.<br/>\nFor more information visit <A HREF=\"https://www.jenkins.io/security/advisory/2021-02-24/\" TARGET=\"_blank\">Jenkins Security Advisory 2021-02-24</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.jenkins.io/security/advisory/2021-02-24/\" TARGET=\"_blank\">Jenkins Security Advisory 2021-02-24</A>",

"TITLE": "Jenkins Plugins Multiple Security Vulnerabilities(Jenkins Security Advisory 2021-02-24)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Jenkins Security Advisory 2021-02-24",

"URL": "https://www.jenkins.io/security/advisory/2021-02-24/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation could allow an attacker to inject a malicious file to trigger this vulnerability.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21773",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21773"

},

{

"ID": "CVE-2021-21776",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21776"

},

{

"ID": "CVE-2021-21782",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21782"

}

]

},

"DIAGNOSIS": "The ImageGear library is a document imaging developer toolkit providing all kinds of functionality related to image conversion, creation, editing, annotation, etc. It supports more than 100 formats, including many image formats, DICOM, PDF, Microsoft Office and others.<P>\n\nCVE-2021-21773: Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability.<br/>\nCVE-2021-21776: Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability.<br/>\nCVE-2021-21782: Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability<br/>\n\nAffected Versions <br/>\nImageGear version 19.8<P>\n\nQID Detection Logic (Authenticated)<br/>\nThis checks for vulnerable version of igcore19d.dll file",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "375438",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "imagegear",

"VENDOR": "imagegear"

}

},

"SOLUTION": "Users are advised to update to latest version of ImageGear <A HREF=\"https://www.accusoft.com/products/imagegear-collection/\" TARGET=\"_blank\">here</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.accusoft.com/products/imagegear-collection/\" TARGET=\"_blank\">ImageGear</A>",

"TITLE": "ImageGear Multiple Vulnerabilities(TALOS-2021-1244,TALOS-2021-1227,TALOS-2021-1232)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "TALOS-2021-1227",

"URL": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1227"

},

{

"ID": "TALOS-2021-1244",

"URL": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1244"

},

{

"ID": "TALOS-2021-1232",

"URL": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1232"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "On Successful exploitation the attacker may be able to execute arbitrary code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-14364",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"

},

{

"ID": "CVE-2018-17958",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17958"

}

]

},

"DIAGNOSIS": "<P>Citrix XenServer is an open source server virtualization platform based on the Xen hypervisor.<br/>\n\n<P>Several security issues have been identified in Citrix Hypervisor (formerly Citrix XenServer) that may<br/> allow privileged code in an HVM guest VM to execute code in the<br/> control domain, potentially compromising the host.\n\n<P>Affected Versions:<br/>\nCitrix Hypervisor 8.2 LTSR, Citrix Hypervisor 8.1,Citrix Hypervisor 8.0,Citrix XenServer 7.1 LTSR ,Citrix XenServer 7.0\nNote: No Support for Citirix Hypervisor only for Citrix XenServer 7.1 LTSR ,Citrix XenServer 7.0\n\n<P>QID Detection Logic (Authenticated):<br/>OS:Citrix XenServer<br/>The QID checks if Hotfixes is applied on the vulnerable versions of Citrix XenServer. <br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:31Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:31Z",

"QID": "375439",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "xenserver",

"VENDOR": "citrix"

}

},

"SOLUTION": "<P>Hotfixes have been released for Citrix XenServer to address these issues. Refer to <A HREF=\"https://support.citrix.com/article/CTX280451\" TARGET=\"_blank\">CTX280451</A> to obtain more information.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.citrix.com/article/CTX280451\" TARGET=\"_blank\">CTX280451</A>",

"TITLE": "Citrix XenServer Security Updates (CTX280451)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CTX280451",

"URL": "https://support.citrix.com/article/CTX280451"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent which is installed on OBM.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-22505",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22505"

}

},

"DIAGNOSIS": "Operations Bridge Manager (OBM) is the core component of the Operations Bridge Suite. It dynamically and automatically discovers and correlates data, event topology, and metrics. <P>\n\nAffected Versions:<br/>\nOperation Bridge Manager versions 10.0x, 10.1x, 10.6x 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10 <P>\n\nQID Detection Logic:<br/>\nThis QID checks the vulnerable officialrelease of Operation Bridge Manager.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "375440",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "operations bridge manager",

"VENDOR": "microfocus"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://support.microfocus.com/downloads/swgrp.html\" TARGET=\"_blank\">KM03792443</A> for updates pertaining to this vulnerability.<br/>\n\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://softwaresupport.softwaregrp.com/doc/KM03792443\" TARGET=\"_blank\">KM03792443</A>",

"TITLE": "Micro Focus Operations Bridge Manager Remote Code Execution Vulnerability(KM03792443)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "KM03792443",

"URL": "https://softwaresupport.softwaregrp.com/doc/KM03792443"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, Exposure of Sensitive Information to an Unauthorized user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-14002",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002"

}

},

"DIAGNOSIS": "PuTTY is a client program for the SSH, Telnet and Rlogin network protocols. It is integrated in multiple applications on multiple operating systems for providing SSH, Telnet, and Rlogin protocol support.<P>\n\nCVE-2020-14002: PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation<P>\n\nAffected Version:<br/>\nPuTTY 0.68 through 0.73<P>\n\nQID Detection Logic<br/>\nThis QID checks the vulnerable version of PuTTY by checking the file version of file in registry and also checks in %programfiles%\\PuTTY location.\n\nNOTE: This QID will detect putty version only for putty msi installer.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "375441",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "putty",

"VENDOR": "putty"

}

},

"SOLUTION": "Customers are advised to upgrade to latest version <A HREF=\"https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html\" TARGET=\"_blank\">PuTTY 0.74</A> Inorder to remediate this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html\" TARGET=\"_blank\">Putty</A>",

"TITLE": "Putty Multiple Security Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Putty",

"URL": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), remote code execution, or disclosure of sensitive information.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2011-4969",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4969"

},

{

"ID": "CVE-2015-3194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194"

},

{

"ID": "CVE-2015-3195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195"

},

{

"ID": "CVE-2016-0705",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705"

},

{

"ID": "CVE-2016-0799",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799"

},

{

"ID": "CVE-2016-2842",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842"

},

{

"ID": "CVE-2015-3237",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237"

},

{

"ID": "CVE-2015-7995",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"

},

{

"ID": "CVE-2015-8035",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"

},

{

"ID": "CVE-2007-6750",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750"

},

{

"ID": "CVE-2016-2015",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2015"

}

]

},

"DIAGNOSIS": "The HP System Management Homepage (SMH) is a web-based interface that consolidates the management of ProLiant and Integrity servers running Microsoft Windows or Linux, or HP 9000 and HP Integrity servers running HP-UX 11i.<P>\n\nMultiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. <P>\n\nAffected Versions:<br/>\nHPE System Management Homepage versions prior to 7.5.5<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T11:33:22Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:22Z",

"QID": "375442",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "system_management_homepage",

"VENDOR": "hpe"

}

},

"SOLUTION": "Customers are advised to upgrade to <A HREF=\"https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c05111017\" TARGET=\"_blank\">HP SMH v7.5.5</A> or later to remediate these vulnerabilities.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c05111017\" TARGET=\"_blank\">HPESBMU03593</A>",

"TITLE": "HPE System Management Homepage Multiple Vulnerabilities (HPESBMU03593)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "c05111017",

"URL": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c05111017"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploit could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1386",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1386"

}

},

"DIAGNOSIS": "A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system.<P>\n\nAffected Versions:<br/>\nCisco AMP for Endpoints Prior to Version 7.3.15<P>\nImmunet Prior to Version 7.4.0<P>\n\nQID Detection Logic:<br/>\nQID checks for the vulnerable version of Cisco AMP and Immunet<P>\n\nNote: Currently we are not supporting ClamAV software<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-12T13:50:00Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-12T13:50:00Z",

"QID": "375443",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "amp",

"VENDOR": "cisco"

}

},

"SOLUTION": "Vendor has released fix to address these vulnerabilities. Refer to <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO\" TARGET=\"_blank\">cisco-sa-amp-imm-dll-tu79hvkO</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO\" TARGET=\"_blank\">cisco-sa-amp-imm-dll-tu79hvkO</A>",

"TITLE": "Cisco AMP and Immunet Hijacking Vulnerability (cisco-sa-amp-imm-dll-tu79hvkO)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "cisco-sa-amp-imm-dll-tu79hvkO",

"URL": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.<P>",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "Google chrome Exploit",

"LINK": "https://github.com/r4j0x00/exploits/tree/master/chrome-0day",

"REF": "CVE-2021-21220"

}

},

"SRC_NAME": "Qualys"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21206",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21206"

},

{

"ID": "CVE-2021-21220",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21220"

}

]

},

"DIAGNOSIS": "Google Chrome is a web browser for multiple platforms developed by Google.<P>\nCVE-2021-21206: Use after free in Blink<br/>\nCVE-2021-21220: Insufficient validation of untrusted input in V8.<P>\n\nAffected Versions:<br/>\nGoogle Chrome Prior to 89.0.4389.128<P>\n\nQID Detection Logic(Authenticated):<br/>\nThis QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T12:32:01Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375445",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Customers are advised to upgrade to latest version 89.0.4389.128<br/>For further details refer to <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html\" TARGET=\"_blank\">Google Chrome 89.0.4389.128</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html\" TARGET=\"_blank\">89.0.4389.128</A>",

"TITLE": "Google Chrome Prior To 89.0.4389.128 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "89.0.4389.128",

"URL": "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability affects confidentiality, integrity and availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21206",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21206"

},

{

"ID": "CVE-2021-21220",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21220"

}

]

},

"DIAGNOSIS": "Microsoft Edge based on Chromium is affected by the following vulnerabilities:<P>\n\nCVE-2021-21206: Use after free in Blink.<br/>\nCVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64.<P>\n\nAffected Version:<br/>Microsoft Edge based on Chromium prior to version 89.0.774.77<P>\n\nQID Detection Logic: (authenticated)<br/>Operating System: Windows<br/>The install path is checked via registry &quot;HKLM\\SOFTWARE\\Clients\\StartMenuInternet\\Microsoft Edge\\shell\\open\\command&quot;. The version is checked via file msedge.exe.<P>\n\nQID Detection Logic: (authenticated)<br/>Operating System: MacOS<br/>The QID checks for vulnerable version of Microsoft Edge from installed application list.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T16:48:39Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375446",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "edge_chromium",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to upgrade to version <br/>\nFor further details refer to <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21206\" TARGET=\"_blank\">89.0.774.77 or later</A> \n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21206\" TARGET=\"_blank\">CVE-2021-21206</A><P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21220\" TARGET=\"_blank\">CVE-2021-21220</A>",

"TITLE": "Microsoft Edge Based On Chromium Prior to 89.0.774.77 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "CVE-2021-21206",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21206"

},

{

"ID": "CVE-2021-21220",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21220"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation can result in arbitrary code execution on target system.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28548",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28548"

},

{

"ID": "CVE-2021-28549",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28549"

}

]

},

"DIAGNOSIS": "Adobe Photoshop is an application that allows users to view and edit various graphic formats. This update resolves an arbitrary code execution vulnerability.<P>\n\n\n<P>Affected Versions:<br/>\nAdobe Photoshop 2020 version 21.2.6 and earlier <br/>\nAdobe Photoshop 2021 version 22.3.1 and earlier <br/>\n\n<P>QID Detection Logic:<br/>\nWindows(Authenticated): This QID checks for vulnerable version of 'Photoshop.exe' file.<br/>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-19T05:04:27Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375450",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "photoshop",

"VENDOR": "adobe"

}

},

"SOLUTION": "Adobe has released Photoshop version 21.2.6 and 22.3 in <A HREF=\"https://helpx.adobe.com/security/products/photoshop/apsb21-28.html\" TARGET=\"_blank\">APSB21-28</A> to address this vulnerability.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://helpx.adobe.com/security/products/photoshop/apsb21-28.html\" TARGET=\"_blank\">APSB21-28</A>",

"TITLE": "Adobe Photoshop Buffer Overflow Vulnerability (APSB21-28)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "APSB21-28",

"URL": "https://helpx.adobe.com/security/products/photoshop/apsb21-28.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitaton could lead to privilege escalation in the context of current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21070",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21070"

}

},

"DIAGNOSIS": "Adobe RoboHelp is a help authoring tool (HAT).<P>\nAdobe has released a security update for RoboHelp. This update resolves a vulnerability rated important. \n\n<P>Affected Versions:<br/>\nAdobe RoboHelp RH2020.0.3 and earlier versions (Windows)<br/>\n\n<P>QID Detection Logic (Authenticated):<br/>\nThe QID checks for vulnerable versions of Adobe RoboHelp by checking the file version of &quot;RoboHelp.exe&quot;.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T05:14:45Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375451",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "robohelp",

"VENDOR": "adobe"

}

},

"SOLUTION": "Users are advised to follow the patch procedure provided by Adobe. For more information visit <A HREF=\"https://helpx.adobe.com/security/products/robohelp/apsb21-20.html\" TARGET=\"_blank\">APSB21-20</A>.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://helpx.adobe.com/security/products/robohelp/apsb21-20.html\" TARGET=\"_blank\">APSB21-20</A>",

"TITLE": "Adobe RoboHelp Privilege Escalation Vulnerability (APSB21-20)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "APSB21-20",

"URL": "https://helpx.adobe.com/security/products/robohelp/apsb21-20.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-28469",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28469"

},

{

"ID": "CVE-2021-28457",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28457"

},

{

"ID": "CVE-2021-28477",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28477"

},

{

"ID": "CVE-2021-28475",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28475"

},

{

"ID": "CVE-2021-28473",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28473"

},

{

"ID": "CVE-2021-28471",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28471"

}

]

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nVisual studio code prior to version 1.55.2\n\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of visual studio code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-14T05:14:45Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375452",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469\" TARGET=\"_blank\">CVE-2021-28469: WIndows</A><P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469\" TARGET=\"_blank\">CVE-2021-28469: MAC OS X</A>",

"TITLE": "Visual Studio Code Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-28469",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28469"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28470",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28470"

}

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nGitHub Pull Requests and Issues Extension for Visual Studio Code prior to version 0.25.1\n\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of GitHub Pull Requests and Issues Extension for Visual Studio Code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375453",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28470\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28470\" TARGET=\"_blank\">CVE-2021-28470: WIndows</A>",

"TITLE": "Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-28471",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28470"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28448",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28448"

}

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nKubernetes Tools for Visual Studio Code prior to version 1.3.0\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of Kubernetes Tools for Visual Studio Code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:45Z",

"QID": "375454",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28448\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28448\" TARGET=\"_blank\">CVE-2021-28448: WIndows</A>",

"TITLE": "Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-28448",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28448"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-28472",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28472"

}

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nMaven for Java Extension for Visual Studio Code prior to version 0.29.0\n\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of Maven for Java Extension for Visual Studio Code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T05:14:46Z",

"QID": "375455",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28472\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28472\" TARGET=\"_blank\">CVE-2021-28472: WIndows</A>",

"TITLE": "Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-28472",

"URL": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28472"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability affects confidentiality, integrity and availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21194"

},

{

"ID": "CVE-2021-21195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21195"

},

{

"ID": "CVE-2021-21196",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21196"

},

{

"ID": "CVE-2021-21197",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21197"

},

{

"ID": "CVE-2021-21198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21198"

},

{

"ID": "CVE-2021-21199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21199"

}

]

},

"DIAGNOSIS": "Microsoft Edge based on Chromium is affected by the following vulnerabilities:<br/>\nCVE-2021-21194: Use after free in screen capture.<br/>\nCVE-2021-21195: Use after free in V8.<br/>\nCVE-2021-21196: Heap buffer overflow in TabStrip.<br/>\nCVE-2021-21197: Heap buffer overflow in TabStrip.<br/>\nCVE-2021-21198: Out of bounds read in IPC.<br/>\nCVE-2021-21199: Use Use after free in Aura<P>\n\nAffected Version:<br/>Microsoft Edge based on Chromium Prior to version 89.0.774.68<P>\n\nQID Detection Logic: (authenticated)<br/>Operating System: Windows<br/>The install path is checked via registry &quot;HKLM\\SOFTWARE\\Clients\\StartMenuInternet\\Microsoft Edge\\shell\\open\\command&quot;. The version is checked via file msedge.exe.<P>\nQID Detection Logic: (authenticated)<br/>Operating System: MacOS<br/>The QID checks for vulnerable version of Microsoft Edge from installed application list.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "375456",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "edge_chromium",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to upgrade to version <br/>\nFor further details refer to <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21194\" TARGET=\"_blank\">89.0.774.68 or later</A> \n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21194\" TARGET=\"_blank\">CVE-2021-21194</A>",

"TITLE": "Microsoft Edge Based On Chromium Prior to 89.0.774.68 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "CVE-2021-21194",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21194"

},

{

"ID": "CVE-2021-21195",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21195"

},

{

"ID": "CVE-2021-21196",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21196"

},

{

"ID": "CVE-2021-21197",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21197"

},

{

"ID": "CVE-2021-21198",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21198"

},

{

"ID": "CVE-2021-21199",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21199"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21201",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21201"

},

{

"ID": "CVE-2021-21202",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21202"

},

{

"ID": "CVE-2021-21203",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21203"

},

{

"ID": "CVE-2021-21204",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21204"

},

{

"ID": "CVE-2021-21205",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21205"

},

{

"ID": "CVE-2021-21221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21221"

},

{

"ID": "CVE-2021-21207",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21207"

},

{

"ID": "CVE-2021-21208",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21208"

},

{

"ID": "CVE-2021-21209",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21209"

},

{

"ID": "CVE-2021-21210",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21210"

},

{

"ID": "CVE-2021-21211",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21211"

},

{

"ID": "CVE-2021-21212",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21212"

},

{

"ID": "CVE-2021-21213",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21213"

},

{

"ID": "CVE-2021-21214",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21214"

},

{

"ID": "CVE-2021-21215",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21215"

},

{

"ID": "CVE-2021-21216",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21216"

},

{

"ID": "CVE-2021-21217",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21217"

},

{

"ID": "CVE-2021-21218",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21218"

},

{

"ID": "CVE-2021-21219",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21219"

}

]

},

"DIAGNOSIS": "Google Chrome is a web browser for multiple platforms developed by Google.<P>\n\nAffected Versions:<br/>\nGoogle Chrome Prior to 90.0.4430.72<P>\n\nQID Detection Logic(Authenticated):<br/>\nThis QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "375459",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Customers are advised to upgrade to latest version 90.0.4430.72<br/>For further details refer to <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html\" TARGET=\"_blank\">Google Chrome 90.0.4430.72</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html\" TARGET=\"_blank\">90.0.4430.72</A>",

"TITLE": "Google Chrome Prior To 90.0.4430.72 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "90.0.4430.72",

"URL": "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-17159",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17159"

}

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nJava Extension Pack for Visual Studio Code prior to version 0.72\n\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of Java Extension Pack for Visual Studio Code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "375460",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17159\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17159\" TARGET=\"_blank\">CVE-2020-17159: WIndows</A>",

"TITLE": "Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2020-17159",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17159"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability affects confidentiality, integrity and availability.<P>",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "Google Chrome prior to 90.0.4430.85",

"LINK": "https://github.com/avboy1337/1195777-chrome0day",

"REF": "CVE-0000-0000"

}

},

"SRC_NAME": "Qualys"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21222",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21222"

},

{

"ID": "CVE-2021-21223",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21223"

},

{

"ID": "CVE-2021-21224",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21224"

},

{

"ID": "CVE-2021-21225",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21225"

},

{

"ID": "CVE-2021-21226",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21226"

}

]

},

"DIAGNOSIS": "Google Chrome is a web browser for multiple platforms developed by Google.<P>\n\nAffected Versions:<br/>\nGoogle Chrome Prior To 90.0.4430.85<P>\n\nQID Detection Logic(Authenticated):<br/>\nThis QID checks for vulnerable versions of Google Chrome on Windows.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "375461",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Customers are advised to upgrade to latest version90.0.4430.85<br/>For further details refer to <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html\" TARGET=\"_blank\">Google Chrome 90.0.4430.85</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html\" TARGET=\"_blank\">90.0.4430.85</A>",

"TITLE": "Google Chrome Prior To 90.0.4430.85 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "90.0.4430.85",

"URL": "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27084",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27084"

}

},

"DIAGNOSIS": "Visual Studio Code is a lightweight but powerful source code editor which runs on your desktop and is available for Windows, macOS and Linux.<P>\n<P>Affected Versions:<br/>\nJava Extension Pack for Visual Studio Code prior to version 0.28.0\n\n<P>QID Detection Logic(Authenticated):<br/>\nThis QID checks for the vulnerable versions of Java Extension Pack for Visual Studio Code.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Windows"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-22T16:15:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "375462",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "visual studio code",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Please refer to Microsoft advisory for <A HREF=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27084\" TARGET=\"_blank\">Visual Studio Code</A> for more details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27084\" TARGET=\"_blank\">CVE-2021-27084: Windows</A>",

"TITLE": "Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-27084",

"URL": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27084"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "Successful exploitation of this vulnerability affects confidentiality, integrity and availability.<P>",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": {

"DESC": "Microsoft Edge Based On Chromium prior to 90.0.818.41 Code Execution Vulnerability",

"LINK": "https://github.com/avboy1337/1195777-chrome0day",

"REF": "CVE-0000-0000"

}

},

"SRC_NAME": "Qualys"

}

}

},

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21224",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21224"

}

},

"DIAGNOSIS": "Microsoft Edge is a cross-platform web browser developed by Microsoft.<P>\n\nMicrosoft Edge based on Chromium is affected by the following vulnerability:<br/>\nCVE-2021-21224: Type confusion in V8<P>\n\nAffected Versions:<br/>\nMicrosoft Edge Based On Chromium Prior to 90.0.818.41<P>\n\nQID Detection Logic: (authenticated)<br/>Operating System: Windows<br/>The install path is checked via registry &quot;HKLM\\SOFTWARE\\Clients\\StartMenuInternet\\Microsoft Edge\\shell\\open\\command&quot;. The version is checked via file msedge.exe.<P>\nQID Detection Logic: (authenticated)<br/>Operating System: MacOS<br/>The QID checks for vulnerable version of Microsoft Edge from installed application list.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-04T12:53:48Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "375463",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "edge_chromium",

"VENDOR": "microsoft"

}

},

"SOLUTION": "Customers are advised to upgrade to version <br/>\nFor further details refer to <A HREF=\"https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-16-2021\" TARGET=\"_blank\">90.0.818.41 or later</A> \n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-16-2021\" TARGET=\"_blank\">Microsoft Edge</A>",

"TITLE": "Microsoft Edge Based On Chromium Prior to 90.0.818.41 Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Microsoft Edge",

"URL": "https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-16-2021"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Local",

"CONSEQUENCE": "An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23991",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"

},

{

"ID": "CVE-2021-23992",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"

},

{

"ID": "CVE-2021-23993",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"

}

]

},

"DIAGNOSIS": "Thunderbird is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.<P>\n\nAffected Products: <br/>\nPrior to Mozilla Thunderbird 78.9.1<P>\n\nQID Detection Logic (Authenticated):<br/>\nThis checks for vulnerable version of Thunderbird browser.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": [

"Windows",

"Unix"

]

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:40Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:40Z",

"QID": "375465",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "thunderbird",

"VENDOR": "mozilla"

}

},

"SOLUTION": "Vendor has released fix to address these vulnerabilities. Refer to <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13\" TARGET=\"_blank\">MFSA2021-13</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13\" TARGET=\"_blank\">mfsa2021-13</A>",

"TITLE": "Mozilla Thunderbird Multiple Vulnerabilities (MFSA2021-13)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "MFSA2021-13",

"URL": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1879",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1879"

}

},

"DIAGNOSIS": "iOS is a mobile operating system created and developed by Apple Inc.<P>Following security issues are observed :<br/>This issue was addressed by improved management of object lifetimes.\nCVE-2021-1879<P>Affected Devices <br/> iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "610327",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "apple"

},

{

"PRODUCT": "ipad_os",

"VENDOR": "apple"

},

{

"PRODUCT": "iphone_os",

"VENDOR": "apple"

},

{

"PRODUCT": "watchos",

"VENDOR": "apple"

}

]

},

"SOLUTION": "Refer to Apple advisory <A HREF=\"https://support.apple.com/en-in/HT212256\" TARGET=\"_blank\">HT212256</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.apple.com/en-in/HT212256\" TARGET=\"_blank\">HT212256: iOS</A>",

"TITLE": "Apple iOS 14.4.2 and iPadOS 14.4.2 Security Update Missing (HT212256)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "HT212256",

"URL": "https://support.apple.com/en-in/HT212256"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-1879",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1879"

}

},

"DIAGNOSIS": "iOS is a mobile operating system created and developed by Apple Inc.<P>Following security issues are observed :<br/>This issue was addressed by improved management of object lifetimes.\nCVE-2021-1879<P>Affected Devices <br/> iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "610328",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "apple"

},

{

"PRODUCT": "ipad_os",

"VENDOR": "apple"

},

{

"PRODUCT": "iphone_os",

"VENDOR": "apple"

},

{

"PRODUCT": "watchos",

"VENDOR": "apple"

}

]

},

"SOLUTION": "Refer to Apple advisory <A HREF=\"https://support.apple.com/en-in/HT212257\" TARGET=\"_blank\">HT212257</A> for patching details.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://support.apple.com/en-in/HT212257\" TARGET=\"_blank\">HT212257: iOS</A>",

"TITLE": "Apple iOS 12.5.2 Security Update Missing (HT212257)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "HT212257",

"URL": "https://support.apple.com/en-in/HT212257"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-0488",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0488"

},

{

"ID": "CVE-2020-11231",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11231"

},

{

"ID": "CVE-2020-5235",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5235"

}

]

},

"DIAGNOSIS": "Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.<P>\nFollowing security issues were discovered:<br/> CVE-2021-0488,CVE-2020-11231,CVE-2020-5235<P>Affected Products : <br/> Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "610329",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "google"

}

},

"SOLUTION": "Refer to Google Pixel advisory <A HREF=\"https://source.android.com/security/bulletin/pixel/2021-04-01\" TARGET=\"_blank\"> Google Pixel Android April2021</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://source.android.com/security/bulletin/pixel/2021-04-01\" TARGET=\"_blank\">April 2021: Android</A>",

"TITLE": "Google Pixel Android April 2021 Security Patch Missing",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Pixel Update Bulletin April2021",

"URL": "https://source.android.com/security/bulletin/pixel/2021-04-01"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-11204",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11204"

},

{

"ID": "CVE-2020-11228",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11228"

},

{

"ID": "CVE-2020-11218",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11218"

},

{

"ID": "CVE-2020-11192",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11192"

},

{

"ID": "CVE-2020-11227",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11227"

},

{

"ID": "CVE-2021-0430",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0430"

},

{

"ID": "CVE-2020-11178",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11178"

},

{

"ID": "CVE-2020-11165",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11165"

},

{

"ID": "CVE-2020-11195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11195"

},

{

"ID": "CVE-2020-11198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11198"

},

{

"ID": "CVE-2020-11194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11194"

},

{

"ID": "CVE-2020-11220",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11220"

},

{

"ID": "CVE-2020-11199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11199"

},

{

"ID": "CVE-2020-11221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11221"

},

{

"ID": "CVE-2020-11308",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11308"

},

{

"ID": "CVE-2020-11290",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11290"

},

{

"ID": "CVE-2020-11309",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11309"

},

{

"ID": "CVE-2020-11186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11186"

},

{

"ID": "CVE-2020-11226",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11226"

},

{

"ID": "CVE-2020-11171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11171"

},

{

"ID": "CVE-2020-11222",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11222"

},

{

"ID": "CVE-2020-11188",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11188"

},

{

"ID": "CVE-2020-11190",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11190"

},

{

"ID": "CVE-2020-11189",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11189"

},

{

"ID": "CVE-2020-11166",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11166"

},

{

"ID": "CVE-2021-0399",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0399"

},

{

"ID": "CVE-2021-0400",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0400"

},

{

"ID": "CVE-2021-0426",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0426"

},

{

"ID": "CVE-2021-0427",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0427"

},

{

"ID": "CVE-2021-0432",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0432"

},

{

"ID": "CVE-2021-0438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0438"

},

{

"ID": "CVE-2021-0439",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0439"

},

{

"ID": "CVE-2021-0442",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0442"

},

{

"ID": "CVE-2021-0443",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0443"

},

{

"ID": "CVE-2021-0444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0444"

},

{

"ID": "CVE-2021-0338",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0338"

},

{

"ID": "CVE-2021-0437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0437"

},

{

"ID": "CVE-2021-0436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0436"

},

{

"ID": "CVE-2021-0471",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0471"

},

{

"ID": "CVE-2021-0429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0429"

},

{

"ID": "CVE-2021-0433",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0433"

},

{

"ID": "CVE-2021-0431",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0431"

},

{

"ID": "CVE-2021-0435",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0435"

}

]

},

"DIAGNOSIS": "Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.<P>\nFollowing security issues were discovered:<br/> CVE-2020-11204, CVE-2020-11228, CVE-2020-11218, CVE-2020-11192, CVE-2020-11227, CVE-2021-0430,CVE-2020-11178, CVE-2020-11165, CVE-2020-11195, CVE-2020-11198, CVE-2020-11194, CVE-2020-11220, CVE-2020-11199, CVE-2020-11221, CVE-2020-11308, CVE-2020-11290, CVE-2020-11309, CVE-2020-11186, CVE-2020-11226, CVE-2020-11171, CVE-2020-11222, CVE-2020-11188, CVE-2020-11190, CVE-2020-11189, CVE-2020-11166, CVE-2021-0399, CVE-2021-0400, CVE-2021-0426, CVE-2021-0427, CVE-2021-0432, CVE-2021-0438, CVE-2021-0439, CVE-2021-0442, CVE-2021-0443, CVE-2021-0444, CVE-2021-0338, CVE-2021-0437, CVE-2021-0436, CVE-2021-0471, CVE-2021-0429, CVE-2021-0433, CVE-2021-0431, CVE-2021-0435<P>Affected Products : <br/> G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "610330",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "android",

"VENDOR": "google"

},

{

"PRODUCT": "None",

"VENDOR": "google"

}

]

},

"SOLUTION": "Refer to Samsung Security advisory <A HREF=\"https://security.samsungmobile.com/securityUpdate.smsb\" TARGET=\"_blank\"> SMR-April-2021</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://security.samsungmobile.com/securityUpdate.smsb\" TARGET=\"_blank\">SMR-April-2021: Android</A>",

"TITLE": "Google Android April 2021 Security Patch Missing for Samsung",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SMR-April-2021",

"URL": "https://security.samsungmobile.com/securityUpdate.smsb"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-11255",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11255"

},

{

"ID": "CVE-2020-15436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15436"

},

{

"ID": "CVE-2020-25705",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25705"

},

{

"ID": "CVE-2020-11252",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11252"

},

{

"ID": "CVE-2020-11242",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11242"

},

{

"ID": "CVE-2021-0431",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0431"

},

{

"ID": "CVE-2021-0430",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0430"

},

{

"ID": "CVE-2021-0433",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0433"

},

{

"ID": "CVE-2021-0432",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0432"

},

{

"ID": "CVE-2021-0435",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0435"

},

{

"ID": "CVE-2021-0437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0437"

},

{

"ID": "CVE-2021-0436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0436"

},

{

"ID": "CVE-2021-0439",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0439"

},

{

"ID": "CVE-2021-0438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0438"

},

{

"ID": "CVE-2021-0471",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0471"

},

{

"ID": "CVE-2020-11251",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11251"

},

{

"ID": "CVE-2020-11243",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11243"

},

{

"ID": "CVE-2020-11245",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11245"

},

{

"ID": "CVE-2020-11246",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11246"

},

{

"ID": "CVE-2021-0468",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0468"

},

{

"ID": "CVE-2020-11247",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11247"

},

{

"ID": "CVE-2021-0400",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0400"

},

{

"ID": "CVE-2020-11191",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11191"

},

{

"ID": "CVE-2021-0444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0444"

},

{

"ID": "CVE-2021-0445",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0445"

},

{

"ID": "CVE-2021-0446",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0446"

},

{

"ID": "CVE-2021-0426",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0426"

},

{

"ID": "CVE-2021-0427",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0427"

},

{

"ID": "CVE-2021-0442",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0442"

},

{

"ID": "CVE-2021-0443",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0443"

},

{

"ID": "CVE-2021-0428",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0428"

},

{

"ID": "CVE-2021-0429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0429"

},

{

"ID": "CVE-2020-11210",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11210"

},

{

"ID": "CVE-2020-11234",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11234"

},

{

"ID": "CVE-2020-11237",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11237"

},

{

"ID": "CVE-2020-11236",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11236"

}

]

},

"DIAGNOSIS": "Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.<P>\nFollowing security issues were discovered:<br/> CVE-2020-11255,CVE-2020-15436,CVE-2020-25705,CVE-2020-11252,CVE-2020-11242,CVE-2021-0431,CVE-2021-0430,CVE-2021-0433,CVE-2021-0432,CVE-2021-0435,CVE-2021-0437,CVE-2021-0436,CVE-2021-0439,CVE-2021-0438,CVE-2021-0471,CVE-2020-11251,CVE-2020-11243,CVE-2020-11245,CVE-2020-11246,CVE-2021-0468,CVE-2020-11247,CVE-2021-0400,CVE-2020-11191,CVE-2021-0444,CVE-2021-0445,CVE-2021-0446,CVE-2021-0426,CVE-2021-0427,CVE-2021-0442,CVE-2021-0443,CVE-2021-0428,CVE-2021-0429,CVE-2020-11210,CVE-2020-11234,CVE-2020-11237,CVE-2020-11236",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "610331",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "google"

},

{

"PRODUCT": "android",

"VENDOR": "google"

}

]

},

"SOLUTION": "Refer to Google advisory <A HREF=\"https://source.android.com/security/bulletin/2021-04-01\" TARGET=\"_blank\"> Google Android April2021</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://source.android.com/security/bulletin/2021-04-01\" TARGET=\"_blank\">April 2021: Android</A>",

"TITLE": "Google Android Devices April 2021 Security Patch Missing",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Android Security Bulletin April2021",

"URL": "https://source.android.com/security/bulletin/2021-04-01"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "Mobile Device",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-11192",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11192"

},

{

"ID": "CVE-2020-11204",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11204"

},

{

"ID": "CVE-2020-11218",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11218"

},

{

"ID": "CVE-2020-11227",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11227"

},

{

"ID": "CVE-2020-11228",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11228"

},

{

"ID": "CVE-2021-0430",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0430"

},

{

"ID": "CVE-2021-0399",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0399"

},

{

"ID": "CVE-2020-11223",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11223"

},

{

"ID": "CVE-2020-11290",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11290"

},

{

"ID": "CVE-2020-11308",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11308"

},

{

"ID": "CVE-2020-11309",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11309"

},

{

"ID": "CVE-2020-11165",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11165"

},

{

"ID": "CVE-2020-11166",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11166"

},

{

"ID": "CVE-2020-11171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11171"

},

{

"ID": "CVE-2020-11178",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11178"

},

{

"ID": "CVE-2020-11186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11186"

},

{

"ID": "CVE-2020-11188",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11188"

},

{

"ID": "CVE-2020-11189",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11189"

},

{

"ID": "CVE-2020-11190",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11190"

},

{

"ID": "CVE-2020-11194",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11194"

},

{

"ID": "CVE-2020-11195",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11195"

},

{

"ID": "CVE-2020-11198",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11198"

},

{

"ID": "CVE-2020-11199",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11199"

},

{

"ID": "CVE-2020-11220",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11220"

},

{

"ID": "CVE-2020-11221",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11221"

},

{

"ID": "CVE-2020-11222",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11222"

},

{

"ID": "CVE-2020-11226",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11226"

},

{

"ID": "CVE-2021-0400",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0400"

},

{

"ID": "CVE-2021-0426",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0426"

},

{

"ID": "CVE-2021-0427",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0427"

},

{

"ID": "CVE-2021-0432",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0432"

},

{

"ID": "CVE-2021-0438",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0438"

},

{

"ID": "CVE-2021-0439",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0439"

},

{

"ID": "CVE-2021-0442",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0442"

},

{

"ID": "CVE-2021-0443",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0443"

},

{

"ID": "CVE-2021-0338",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0338"

},

{

"ID": "CVE-2021-0437",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0437"

},

{

"ID": "CVE-2021-0436",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0436"

},

{

"ID": "CVE-2021-0471",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0471"

},

{

"ID": "CVE-2021-0429",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0429"

},

{

"ID": "CVE-2021-0433",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0433"

},

{

"ID": "CVE-2021-0431",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0431"

},

{

"ID": "CVE-2021-0435",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0435"

},

{

"ID": "CVE-2020-11299",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11299"

},

{

"ID": "CVE-2021-0444",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0444"

},

{

"ID": "CVE-2021-0446",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0446"

}

]

},

"DIAGNOSIS": "Android is a mobile operating system based on a modified version of the Linux kernel and other open source software, designed primarily for touchscreen mobile devices such as smartphones and tablets.<P>\nFollowing security issues were discovered:<br/> CVE-2020-11192 , CVE-2020-11204 , CVE-2020-11218 , CVE-2020-11227 , CVE-2020-11228 , CVE-2021-0430,CVE-2021-0399 , CVE-2020-11223 , CVE-2020-11290 , CVE-2020-11308 , CVE-2020-11309 , CVE-2020-11165 , CVE-2020-11166 , CVE-2020-11171 , CVE-2020-11178 , CVE-2020-11186 , CVE-2020-11188 , CVE-2020-11189 , CVE-2020-11190 , CVE-2020-11194 , CVE-2020-11195 , CVE-2020-11198 , CVE-2020-11199 , CVE-2020-11220 , CVE-2020-11221 , CVE-2020-11222 , CVE-2020-11226 , CVE-2021-0400 , CVE-2021-0426 , CVE-2021-0427 , CVE-2021-0432 , CVE-2021-0438 , CVE-2021-0439 , CVE-2021-0442 , CVE-2021-0443 , CVE-2021-0338 , CVE-2021-0437 , CVE-2021-0436 , CVE-2021-0471 , CVE-2021-0429 , CVE-2021-0433 , CVE-2021-0431 , CVE-2021-0435,CVE-2020-11299 , CVE-2021-0444 , CVE-2021-0446<P>Affected Products : <br/> G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "610332",

"SEVERITY_LEVEL": "5",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "android",

"VENDOR": "google"

},

{

"PRODUCT": "None",

"VENDOR": "google"

}

]

},

"SOLUTION": "Refer to LGE Security advisory <A HREF=\"https://lgsecurity.lge.com/security_updates_mobile.html\" TARGET=\"_blank\"> SMR-April-2021</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lgsecurity.lge.com/security_updates_mobile.html\" TARGET=\"_blank\">SMR-April-2021: Android</A>",

"TITLE": "Google Android April 2021 Security Patch Missing for LGE",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "SMR-April-2021",

"URL": "https://lgsecurity.lge.com/security_updates_mobile.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21171",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21171"

}

},

"DIAGNOSIS": "Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630654",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21171\" TARGET=\"_blank\"> CVE-2021-21171</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21171\" TARGET=\"_blank\">CVE-2021-21171: Android</A>",

"TITLE": "Google Chrome For Android Insufficient Information Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-21171",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21171"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21124",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21124"

},

{

"ID": "CVE-2021-21136",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21136"

}

]

},

"DIAGNOSIS": "Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630656",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21124\" TARGET=\"_blank\"> CVE-2021-21124</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21124\" TARGET=\"_blank\">CVE-2021-21124: Android</A>",

"TITLE": "Google Chrome For Android Use After Free Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-21124",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21124"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-2735",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2735"

},

{

"ID": "CVE-2021-27351",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27351"

}

]

},

"DIAGNOSIS": "The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630660",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "telegram",

"VENDOR": "telegram"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-27351\" TARGET=\"_blank\"> CVE-2021-27351</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-27351\" TARGET=\"_blank\">CVE-2021-27351: Android</A>",

"TITLE": "Telegram For Android Insufficient Session ExpirationVulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-27351",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-27351"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36250",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36250"

},

{

"ID": "CVE-2020-36248",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36248"

}

]

},

"DIAGNOSIS": "In the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630662",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "owncloud",

"VENDOR": "owncloud"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2020-36250\" TARGET=\"_blank\"> CVE-2020-36250</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2020-36250\" TARGET=\"_blank\">CVE-2020-36250: Android</A>",

"TITLE": "ownCloud For Android Inadequate Encryption Strength Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2020-36250",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2020-36250"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-1910",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1910"

}

},

"DIAGNOSIS": "A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630663",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "whatsapp",

"VENDOR": "whatsapp"

},

{

"PRODUCT": "whatsapp_business",

"VENDOR": "whatsapp"

}

]

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2020-1910\" TARGET=\"_blank\"> CVE-2020-1910</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2020-1910\" TARGET=\"_blank\">CVE-2020-1910: Android</A>",

"TITLE": "WhatsApp For Android Out-of-bounds Write Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2020-1910",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2020-1910"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-27189",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27189"

}

},

"DIAGNOSIS": "The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:06Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:06Z",

"QID": "630664",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "canadian_shield",

"VENDOR": "cira"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-27189\" TARGET=\"_blank\"> CVE-2021-27189</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-27189\" TARGET=\"_blank\">CVE-2021-27189: iOS</A>",

"TITLE": "CIRA Canadian Shield For iOS Improper Certificate Validation Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-27189",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-27189"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21301",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21301"

}

},

"DIAGNOSIS": "Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630665",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "wire",

"VENDOR": "wire"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21301\" TARGET=\"_blank\"> CVE-2021-21301</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21301\" TARGET=\"_blank\">CVE-2021-21301: iOS</A>",

"TITLE": "Wire For iOS Exposure of Sensitive Information Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-21301",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21301"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21164",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21164"

},

{

"ID": "CVE-2021-21186",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21186"

},

{

"ID": "CVE-2021-21163",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21163"

}

]

},

"DIAGNOSIS": "Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630666",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21164\" TARGET=\"_blank\">CVE-2021-21164</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21164\" TARGET=\"_blank\">CVE-2021-21164: iOS</A>",

"TITLE": "Google Chrome For iOS Multiple Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-21164",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21164"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation, it could allow an attacker to execute code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-21134",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21134"

}

},

"DIAGNOSIS": "Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630667",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "chrome",

"VENDOR": "google"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21134\" TARGET=\"_blank\">CVE-2021-21134</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://nvd.nist.gov/vuln/detail/CVE-2021-21134\" TARGET=\"_blank\">CVE-2021-21134: iOS</A>",

"TITLE": "Google Chrome For iOS Authentication Bypass by Spoofing Vulnerability",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "CVE-2021-21134",

"URL": "https://nvd.nist.gov/vuln/detail/CVE-2021-21134"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation it could allow to compromise integrity, availability and confidentiality.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23981",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"

},

{

"ID": "CVE-2021-23982",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"

},

{

"ID": "CVE-2021-23983",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23983"

},

{

"ID": "CVE-2021-23984",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"

},

{

"ID": "CVE-2021-23985",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23985"

},

{

"ID": "CVE-2021-23986",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23986"

},

{

"ID": "CVE-2021-23987",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"

},

{

"ID": "CVE-2021-23988",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23988"

}

]

},

"DIAGNOSIS": "Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.<P>\n\nAffected Products: <br/>\nPrior to Firefox 87<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T13:09:23Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630668",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "None",

"VENDOR": "mozilla"

},

{

"PRODUCT": "firefox_esr",

"VENDOR": "mozilla"

},

{

"PRODUCT": "firefox",

"VENDOR": "mozilla"

},

{

"PRODUCT": "thunderbird",

"VENDOR": "mozilla"

}

]

},

"SOLUTION": "Vendor has released fix to address these vulnerabilities. Refer to <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/\" TARGET=\"_blank\">MFSA 2021-10</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/\" TARGET=\"_blank\">mfsa2021-10: Android</A><P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/\" TARGET=\"_blank\">mfsa2021-10: iOS</A>",

"TITLE": "Mozilla Firefox for Android and iOS Multiple Vulnerabilities (MFSA2021-10)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "mfsa2021-10",

"URL": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation it could allow to compromise integrity, availability and confidentiality.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23969",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23969"

},

{

"ID": "CVE-2021-23970",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23970"

},

{

"ID": "CVE-2021-23968",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23968"

},

{

"ID": "CVE-2021-23974",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23974"

},

{

"ID": "CVE-2021-23971",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23971"

},

{

"ID": "CVE-2021-23972",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23972"

},

{

"ID": "CVE-2021-23975",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23975"

},

{

"ID": "CVE-2021-23973",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23973"

},

{

"ID": "CVE-2021-23979",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23979"

},

{

"ID": "CVE-2021-23976",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23976"

},

{

"ID": "CVE-2021-23977",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23977"

}

]

},

"DIAGNOSIS": "Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.<P>\n\nCVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect.<br/>\nCVE-2021-23970: Multithreaded WASM triggered assertions validating separation of script domains.<br/>\nCVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect.<br/>\nCVE-2021-23974: noscript elements could have led to an HTML Sanitizer bypass.<br/>\nCVE-2021-23971: A website's Referrer-Policy could have been be overridden, potentially resulting in the full URL being sent as a Referrer.<br/>\nCVE-2021-23972: HTTP Auth phishing warning was omitted when a redirect is cached.<br/>\nCVE-2021-23975: about:memory Measure function caused an incorrect pointer operation.<br/>\nCVE-2021-23973: MediaError message property could have leaked information about cross-origin resources.<br/>\nCVE-2021-23979: Memory safety bugs fixed in Firefox 86.<P>\n\nAffected Products: <br/>\nPrior to Firefox 86",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630669",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "firefox_esr",

"VENDOR": "mozilla"

},

{

"PRODUCT": "firefox",

"VENDOR": "mozilla"

},

{

"PRODUCT": "thunderbird",

"VENDOR": "mozilla"

},

{

"PRODUCT": "None",

"VENDOR": "mozilla"

}

]

},

"SOLUTION": "Vendor has released fix to address these vulnerabilities. Refer to <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/\" TARGET=\"_blank\">MFSA 2021-07</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/\" TARGET=\"_blank\">mfsa2021-07: Android</A><P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/\" TARGET=\"_blank\">mfsa2021-07: iOS</A>",

"TITLE": "Mozilla Firefox for Android and iOS Multiple Vulnerabilities (MFSA2021-07)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "MFSA2021-07",

"URL": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "Mobile Application",

"CONSEQUENCE": "On successful exploitation an attacker can run arbitrary code.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-15679",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15679"

}

},

"DIAGNOSIS": "An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. <P>\nAffected Versions<br/>\nMozilla VPN Android 1.1.0 (1360)<br/>\nMozilla VPN iOS 1.0.7 (929)",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"AUTH_TYPE_LIST": {

"AUTH_TYPE": "Unix"

},

"REMOTE": "0"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:41:05Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:41:05Z",

"QID": "630670",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "None",

"VENDOR": "mozilla"

}

},

"SOLUTION": "Upgrade to the latest packages which contain a patch. Refer to <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-48/\" TARGET=\"_blank\">mfsa2020-48</A> to address this issue and obtain more information.\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-48/\" TARGET=\"_blank\">mfsa2020-48: Android</A><P> <A HREF=\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-48/\" TARGET=\"_blank\">mfsa2020-48: iOS</A>",

"TITLE": "Mozilla VPN For Android and iOS OAuth Session Fixation Vulnerability (MFSA2020-48)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "MFSA2020-48",

"URL": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-48/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "This vulnerability could be exploited to gain access to sensitive information.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-13943",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13943"

}

},

"DIAGNOSIS": "<P>Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation.<br/>\n\nIf an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources. <P>\n\n<P>Affected Versions:<br/>\nApache Tomcat 10.0.0-M1 to 10.0.0-M7\nApache Tomcat 9.0.0.M5 to 9.0.37\nApache Tomcat 8.5.1 to 8.5.57\n\nQID Detection Logic:<br/>\nThe QID checks for vulnerable version by sending a GET /QUALYS13813 HTTP/1.0 request which helps in retrieving the installed version of Apache Tomcat in the banner of the response.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-13T15:56:45Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-05T13:40:51Z",

"QID": "730013",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "apache"

}

},

"SOLUTION": "Upgrade to the Apache Tomcat 10.0.0-M8, 9.0.38,8.5.58 or later version.\nPlease refer to\n<A HREF=\"https://lists.apache.org/thread.html/r4a390027eb27e4550142fac6c8317cc684b157ae314d31514747f307%40%3Cannounce.tomcat.apache.org%3E\" TARGET=\"_blank\">Apache Tomcat Website</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://lists.apache.org/thread.html/r4a390027eb27e4550142fac6c8317cc684b157ae314d31514747f307%40%3Cannounce.tomcat.apache.org%3E\" TARGET=\"_blank\">Apache Tomcat </A>",

"TITLE": "Apache Tomcat HTTP2 Client Information Disclosure Vulnerability(CVE-2020-13943)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Apache Tomcat",

"URL": "https://lists.apache.org/thread.html/r4a390027eb27e4550142fac6c8317cc684b157ae314d31514747f307%40%3Cannounce.tomcat.apache.org%3E"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "An attacker could leverage this issue by accessing the unprotected endpoint and gather intelligence about the host where SimpleSAMLphp is deployed, using it later for their own advantage in case other issues arise.",

"DIAGNOSIS": "SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. <P>\n\nAffected Versions:<br/>\nSimpleSAMLphp 1.17.0 - 1.17.7 <P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nThis QID checks for vulnerable version of SimpleSAMLphp<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730014",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "simplesamlphp",

"VENDOR": "simplesamlphp"

}

},

"SOLUTION": "Customers are advised upgrade to the SimpleSAMLphp installation to version 1.17.8 latest one.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://simplesamlphp.org/security/201911-02\" TARGET=\"_blank\">201911-02</A>",

"TITLE": "SimpleSAMLphp Information disclosure Vulnerability(201911-02)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "201911-02",

"URL": "https://simplesamlphp.org/security/201911-02"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "An attacker could leverage this issue to manually craft an assertion and have the message validated as correctly signed without access to the signing key. This message will then be consumed by a SimpleSAMLphp service provider and the malicious assertion will be processed as if it was legal.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2019-3465",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3465"

}

},

"DIAGNOSIS": "SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. <P>\n\nAffected Versions:<br/>\nSimpleSAMLphp versions are affected, up to (including) 1.17.6.<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nThis QID checks for vulnerable version of SimpleSAMLphp<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "730015",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "simplesamlphp",

"VENDOR": "simplesamlphp"

}

},

"SOLUTION": "Customers are advised upgrade to the SimpleSAMLphp installation to version 3.0.4 or 2.1.1. For more information please visit <A HREF=\"https://simplesamlphp.org/security/201911-01\" TARGET=\"_blank\">201911-01</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://simplesamlphp.org/security/201911-01\" TARGET=\"_blank\">201911-01</A>",

"TITLE": "SimpleSAMLphp Signature validation bypass Vulnerability(201911-01)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "201911-01",

"URL": "https://simplesamlphp.org/security/201911-01"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "If metadata is consumed for a rogue entity that includes javascript code in the corresponding endpoints, this javascript code might be run by users trying to access this entity.",

"DIAGNOSIS": "SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. <P>\n\nAffected Versions:<br/>\nSimpleSAMLphp prior to 1.17.3.<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nThis QID checks for vulnerable version of SimpleSAMLphp<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730016",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "simplesamlphp",

"VENDOR": "simplesamlphp"

}

},

"SOLUTION": "Customers are advised Upgrade to the latest version of SimpleSAMLphp. For more information please visit <A HREF=\"https://simplesamlphp.org/security/201907-01\" TARGET=\"_blank\">201907-01</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://simplesamlphp.org/security/201907-01\" TARGET=\"_blank\">201907-01</A>",

"TITLE": "SimpleSAMLphp Reflected Cross-Site-Scripting Vulnerability(201907-01)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "201907-01",

"URL": "https://simplesamlphp.org/security/201907-01"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2020-36236",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36236"

},

{

"ID": "CVE-2020-36237",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36237"

},

{

"ID": "CVE-2020-29453",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29453"

}

]

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n\nAffected version:<br/>\nAtlassian Jira Server and Data Center version prior to 8.5.11<br/>\nAtlassian Jira Server and Data Center version from 8.6.0 and prior to 8.13.3<br/>\nAtlassian Jira Server and Data Center version from 8.14.0 and prior to 8.15.0<P>\n\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730028",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72015\" TARGET=\"_blank\">JRASERVER-72015</A> for updates pertaining to this vulnerability.<br/>\n\nCustomers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72064\" TARGET=\"_blank\">JRASERVER-72064</A> for updates pertaining to this vulnerability.<P>\n\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72015\" TARGET=\"_blank\">JRASERVER-72015</A><P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72064\" TARGET=\"_blank\">JRASERVER-72064</A><P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72014\" TARGET=\"_blank\">JRASERVER-72014</A>",

"TITLE": "Atlassian Jira Server And Data Center Multiple Vulnerabilities(JRASERVER-72014,JRASERVER-72015,JRASERVER-72064)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "JRASERVER-72014",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72014"

},

{

"ID": "JRASERVER-72015",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72015"

},

{

"ID": "JRASERVER-72064",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72064"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploit could allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-36235",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36235"

}

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n\nAffected version:<br/>\nAtlassian Jira Server and Data Center version prior to 8.13.2<br/>\nAtlassian Jira Server and Data Center version from 8.14.0 and prior to 8.14.1<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730029",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-71950\" TARGET=\"_blank\">JRASERVER-71950</A> for updates pertaining to this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-71950\" TARGET=\"_blank\">JRASERVER-71950</A>",

"TITLE": "Atlassian Jira Server And Data Center Information Disclosure Vulnerability(JRASERVER-71950)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JRASERVER-71950",

"URL": "https://jira.atlassian.com/browse/JRASERVER-71950"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation of this vulnerability could allow a local user to cause the application to enter into an infinite loop and expose some sensitive information.",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2019-19956",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956"

},

{

"ID": "CVE-2019-20388",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388"

},

{

"ID": "CVE-2020-7595",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595"

}

]

},

"DIAGNOSIS": "The IBM MQ Appliance is a hardware product that provides IBM MQ ready installed and ready to use. The main use of IBM MQ is to send or exchange messages. One application puts a message on a queue on one computer, and another application gets the same message from another queue on a different computer.<P>\n\nCVE-2019-19956: libxml2 is vulnerable to a denial of service, caused by a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. By persuading a victim to open a specially crafted file.<br/>\nCVE-2019-20388: GNOME libxml2 could allow a remote attacker to obtain sensitive information, caused by an xmlSchemaValidateStream memory leak in xmlSchemaPreRun in xmlschemas.c.<br/>\nCVE-2020-7595: The Gnome Project Libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in parser.c.<P>\n\nAffected Versions:<br/>\nIBM MQ Appliance\t9.1.0.0 - 9.1.0.6 LTS<br/>\nIBM MQ Appliance\t9.2.0.0 LTS<br/>\nIBM MQ Appliance\t9.1.0- 9.2.1 CD<P>\n\nQID Detection Logic(unauthenticated):<br/>\nThis QID checks for the vulnerable version of IBM MQ Appliance<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:32Z",

"PATCHABLE": "1",

"PCI_FLAG": "0",

"PUBLISHED_DATETIME": "2021-04-08T12:44:32Z",

"QID": "730031",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "mq_appliance",

"VENDOR": "ibm"

}

},

"SOLUTION": "The vendor has released a fix to resolve the issue, please refer to <A HREF=\"https://www.ibm.com/support/pages/node/6403297\" TARGET=\"_blank\">6403297</A> for more information.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.ibm.com/support/pages/node/6403297\" TARGET=\"_blank\">6403297</A>",

"TITLE": "IBM MQ Appliance Multiple Vulnerabilities(6403297)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "6403297",

"URL": "https://www.ibm.com/support/pages/node/6403297"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploit could allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource.",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-26070",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26070"

}

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n<P>CVE-2021-26070: Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource<br/>\n\nAffected version:<br/>\nAtlassian Jira Server and Data Center version prior to 8.13.3<br/>\nAtlassian Jira Server and Data Center version from 8.14.0 and before 8.14.1<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730032",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72029\" TARGET=\"_blank\">JJRASERVER-72029</A> for updates pertaining to this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72029\" TARGET=\"_blank\">JRASERVER-72029</A>",

"TITLE": "Atlassian Jira Server And Data Center Improper Authentication Vulnerability(JRASERVER-72029)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JRASERVER-72029",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72029"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "An authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.",

"CORRELATION": {

"EXPLOITS": {

"EXPLT_SRC": {

"EXPLT_LIST": {

"EXPLT": [

{

"DESC": "Server Side Request Forgery in vRealize Operations Manager API",

"LINK": "https://github.com/Al1ex/CVE-2021-21975",

"REF": "CVE-2021-21975"

},

{

"DESC": "VMware vRealize Operations Manager CVE-2021-21975 SSRF Vulnerability - Check",

"LINK": "https://github.com/GuayoyoCyber/CVE-2021-21975/blob/main/cve-2021-21975.nse",

"REF": "CVE-2021-21975"

}

]

},

"SRC_NAME": "Qualys"

}

}

},

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21975",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21975"

},

{

"ID": "CVE-2021-21983",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21983"

}

]

},

"DIAGNOSIS": "VMware vRealize Operations delivers self-driving IT operations management for private, hybrid, and multi-cloud environments in a unified, AI-powered platform.<P>\n\nMultiple vulnerabilities in VMware vRealize Operations were privately reported to VMware. <P>\nServer Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975)<br/>\nArbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983)<P>\n\nAffected Versions<br/>\nVMware vRealize Operations Manager v8.3.0<br/>\nVMware vRealize Operations Manager v8.2.0<br/>\nVMware vRealize Operations Manager v8.1.x<br/>\nVMware vRealize Operations Manager v8.0.x<br/>\nVMware vRealize Operations Manager v7.5.0<P>\n\nQID Detection Logic<br/>\nThis QID sends the request POST /casa/nodes/thumbprints and if receives a callback, system is vulnerable. If workaround is applied, QID will not be reported.",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available, Exploit Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-07T12:31:55Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-07T12:31:55Z",

"QID": "730034",

"SEVERITY_LEVEL": "4",

"SOFTWARE_LIST": {

"SOFTWARE": [

{

"PRODUCT": "vrealize_suite_lifecycle_manager",

"VENDOR": "vmware"

},

{

"PRODUCT": "cloud_foundation",

"VENDOR": "vmware"

},

{

"PRODUCT": "None",

"VENDOR": "vmware"

}

]

},

"SOLUTION": "The vendor has released updates to resolve this issue. Refer to <A HREF=\"https://www.vmware.com/security/advisories/VMSA-2021-0004.html\" TARGET=\"_blank\">VMSA-2021-0004</A> to obtain additional details.Workaround:<br/>Check the Workaround advised by the vendor <A HREF=\"https://www.vmware.com/security/advisories/VMSA-2021-0004.html\" TARGET=\"_blank\">here</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.vmware.com/security/advisories/VMSA-2021-0004.html\" TARGET=\"_blank\">VMSA-2021-0004</A>",

"TITLE": "VMware vRealize Operations Multiple Vulnerabilities (VMSA-2021-0004)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "VMSA-2021-0004",

"URL": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Allows remote anonymous attackers to determine if a group exists and members of groups if they are assigned to publicly visible issue field.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-36286",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36286"

}

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n\nAffected version:<br/>\nAtlassian Jira Server and Data Center version prior to 8.5.13<br/>\nAtlassian Jira Server and Data Center version from 8.6.0 and prior to 8.13.5<br/>\nAtlassian Jira Server and Data Center version from 8.14.0 and prior to 8.15.1<P>\n\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "730035",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "<P>Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72272\" TARGET=\"_blank\">JRASERVER-72272</A> for updates pertaining to this vulnerability.<br/>\n\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72272\" TARGET=\"_blank\">JRASERVER-72272</A>",

"TITLE": "Atlassian Jira Server Information Disclosure Vulnerability(JRASERVER-72272)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JRASERVER-72272",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72272"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation could affects integrity, availability and confidentiality.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-26029",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26029"

}

},

"DIAGNOSIS": "Joomla is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS feeds, printable versions of pages, news flashes, blogs, polls, search, and support for language internationalization.<P>\n\nAffected Version:<br/>\nJoomla! CMS versions 1.6.0 - 3.9.24<P>\n\nFixed Version:<br/>\nUpgrade to version 3.9.25<P>\n\nQID Detection Logic(Unauthenticated):<br/>\nQID checks for the Vulnerable version of Joomla.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:32Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:32Z",

"QID": "730036",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "joomla",

"VENDOR": "joomla"

}

},

"SOLUTION": "The vendor has released a patch in <A HREF=\"https://downloads.joomla.org/\" TARGET=\"_blank\">Joomla</A> to remediate this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.joomla.org/security-centre/849-20210309-core-inadequate-filtering-of-form-contents-could-allow-to-overwrite-the-author-field.html\" TARGET=\"_blank\">20210309</A>",

"TITLE": "Joomla ACL Violation Vulnerability (20210309)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "20210309",

"URL": "https://developer.joomla.org/security-centre/849-20210309-core-inadequate-filtering-of-form-contents-could-allow-to-overwrite-the-author-field.html"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation could affects integrity, availability and confidentiality<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-23130",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23130"

},

{

"ID": "CVE-2021-23129",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23129"

}

]

},

"DIAGNOSIS": "Joomla is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS feeds, printable versions of pages, news flashes, blogs, polls, search, and support for language internationalization.<P>\n\nAffected Version:<br/>\nJoomla! CMS versions 2.5.0 - 3.9.24<P>\n\nFixed Version:<br/>\nUpgrade to version 3.9.25<P>\n\nQID Detection Logic(Unauthenticated):<br/>\nQID checks for the Vulnerable version of Joomla.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-08T12:44:32Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-08T12:44:32Z",

"QID": "730037",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "joomla",

"VENDOR": "joomla"

}

},

"SOLUTION": "The vendor has released a patch in <A HREF=\"https://downloads.joomla.org/\" TARGET=\"_blank\">Joomla</A> to remediate this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.joomla.org/security-centre/844-20210304-core-xss-within-the-feed-parser-library.html\" TARGET=\"_blank\">20210304</A><P> <A HREF=\"https://developer.joomla.org/security-centre/843-20210303-core-xss-within-alert-messages-showed-to-users.html\" TARGET=\"_blank\">20210303</A>",

"TITLE": "Joomla Cross-Site Scripting Vulnerability (20210304 , 20210303)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "20210303",

"URL": "https://developer.joomla.org/security-centre/843-20210303-core-xss-within-alert-messages-showed-to-users.html"

},

{

"ID": "20210304",

"URL": "https://developer.joomla.org/security-centre/844-20210304-core-xss-within-the-feed-parser-library.html"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

}

},

"DIAGNOSIS": "Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation.<P>\n\nCVE-2021-25122: When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.<P>\n\nAffected Versions:<br/>\nApache Tomcat 9.0.0.M1 to 9.0.41<P>\n\nQID Detection Logic (Unauthenticated): <br/>\nThe QID checks for vulnerable version by sending a GET /QUALYS13827 HTTP/1.0 request which helps in retrieving the installed version of Apache Tomcat in the banner of the response.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-13T12:29:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "730041",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "apache"

}

},

"SOLUTION": "Upgrade to the Apache Tomcat 9.0.43 or to the latest version of Apache Tomcat. Please refer to <A HREF=\"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43\" TARGET=\"_blank\">Apache Tomcat Website</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43\" TARGET=\"_blank\">Fixed_in_Apache_Tomcat_9.0.43</A>",

"TITLE": "Apache Tomcat Duplicate Request Headers Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Apache_Tomcat_9.0.43",

"URL": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43"

}

},

"VULN_TYPE": "Potential Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2021-25122",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"

}

},

"DIAGNOSIS": "Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation.<P>\n\nWhen responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.<P>\n\nAffected Versions:<br/>\nApache Tomcat 8.5.0 to 8.5.61<P>\n\nQID Detection Logic (Unauthenticated): <br/>\nThe QID checks for vulnerable version by sending a GET /QUALYS13827 HTTP/1.0 request which helps in retrieving the installed version of Apache Tomcat in the banner of the response.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-15T14:56:25Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-15T14:56:25Z",

"QID": "730042",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "tomcat",

"VENDOR": "apache"

}

},

"SOLUTION": "Upgrade to the Apache Tomcat 8.5.63 or to the latest version of Apache Tomcat. Please refer to <A HREF=\"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63\" TARGET=\"_blank\">Apache Tomcat Website</A>.<P>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63\" TARGET=\"_blank\">Apache_Tomcat_8.5.63</A>",

"TITLE": "Apache Tomcat Duplicate Request Headers Vulnerabilities",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Apache_Tomcat_8.5.63",

"URL": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation of these vulnerabilities could affect Confidentiality, Integrity and Availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-21639",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21639"

},

{

"ID": "CVE-2021-21640",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21640"

}

]

},

"DIAGNOSIS": "Jenkins is an open-source automation server written in Java. Jenkins helps to automate the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery.<P>\n\nAffected Versions:<br/>\nJenkins weekly up to and including 2.286<br/>\nJenkins LTS up to and including 2.277.1<P>\n\nQID Detection Logic(Unauthenticated):<br/>\nThis QID checks for vulnerable version by sending a crafted GET request to Jenkins. This QID also detects the vulnerable version from login page or HTTP header.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-29T06:23:43Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-14T11:33:22Z",

"QID": "730045",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jenkins",

"VENDOR": "jenkins"

}

},

"SOLUTION": "Customers are advised to upgrade to latest Jenkins version<br/>\nFor further details refer to <A HREF=\"https://www.jenkins.io/security/advisory/2021-04-07/\" TARGET=\"_blank\">Jenkins Security Advisory 2021-04-07</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://www.jenkins.io/security/advisory/2021-04-07/\" TARGET=\"_blank\">Jenkins Security Advisory 2021-04-07</A>",

"TITLE": "Jenkins Multiple Security Vulnerabilities(Jenkins Security Advisory 2021-04-07)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "Jenkins Security Advisory 2021-04-07",

"URL": "https://www.jenkins.io/security/advisory/2021-04-07/"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploit could allow remote anonymous attackers to obtain gadget related settings via a missing permissions check.<P>",

"CVE_LIST": {

"CVE": {

"ID": "CVE-2020-36287",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36287"

}

},

"DIAGNOSIS": "Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.<P>\n\nAffected version:<br/>\nAtlassian Jira Server and Data Center version prior to 8.13.5<br/>\nAtlassian Jira Server and Data Center version from 8.14.0 and prior to 8.15.1<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nIt checks for vulnerable version of Atlassian Jira.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-19T14:36:41Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:41Z",

"QID": "730046",

"SEVERITY_LEVEL": "3",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "jira",

"VENDOR": "atlassian"

}

},

"SOLUTION": "Customers are advised to refer to <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72258\" TARGET=\"_blank\">JRASERVER-72258</A> for updates pertaining to this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://jira.atlassian.com/browse/JRASERVER-72258\" TARGET=\"_blank\">JRASERVER-72258</A>",

"TITLE": "Atlassian Jira Server And Data Center Privilege Escalation Vulnerability(JRASERVER-72258)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "JRASERVER-72258",

"URL": "https://jira.atlassian.com/browse/JRASERVER-72258"

}

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "Successful exploitation could affects on integrity, confidentiality, availability.<P>",

"CVE_LIST": {

"CVE": [

{

"ID": "CVE-2021-26031",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26031"

},

{

"ID": "CVE-2021-26030",

"URL": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26030"

}

]

},

"DIAGNOSIS": "Joomla is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS feeds, printable versions of pages, news flashes, blogs, polls, search, and support for language internationalization.<P>\n\nAffected Version:<br/>\nJoomla! CMS versions 3.0.0 - 3.9.25<P>\n\nFixed Version:<br/>\nUpgrade to version 3.9.26<P>\n\nQID Detection Logic(Unauthenticated):<br/>\nQID checks for the Vulnerable version of Joomla.<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-05-09T05:09:20Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-19T14:36:41Z",

"QID": "730049",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "joomla",

"VENDOR": "joomla"

}

},

"SOLUTION": "The vendor has released a patch in <A HREF=\"https://downloads.joomla.org/\" TARGET=\"_blank\">Joomla</A> to remediate this vulnerability.<br/>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://developer.joomla.org/security-centre/851-20210402-core-inadequate-filters-on-module-layout-settings.html\" TARGET=\"_blank\">20210402</A><P> <A HREF=\"https://developer.joomla.org/security-centre/850-20210401-core-escape-xss-in-logo-parameter-error-pages.html\" TARGET=\"_blank\">20210401</A>",

"TITLE": "Joomla Multiple Security Vulnerability(20210402, 20210401)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": [

{

"ID": "20210402",

"URL": "https://developer.joomla.org/security-centre/851-20210402-core-inadequate-filters-on-module-layout-settings.html"

},

{

"ID": "20210401",

"URL": "https://developer.joomla.org/security-centre/850-20210401-core-escape-xss-in-logo-parameter-error-pages.html"

}

]

},

"VULN_TYPE": "Vulnerability"

},

{

"CATEGORY": "CGI",

"CONSEQUENCE": "An Identity Provider with metadata for trusted entities that support the SAML ECP profile, may end up storing the user's credentials received from such entities in its own session storage, whatever that is, in case ECP is actually not enabled in the IdP. Under such circumstances, the credentials may be then accessible to administrators, other personnel or even malicious parties who may have access to the systems where sessions or their backups are stored.",

"DIAGNOSIS": "SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. <P>\n\nAffected Versions:<br/>\nSimpleSAMLphp 1.16.0 to 1.16.2.<P>\n\nQID Detection Logic:(Unauthenticated)<br/>\nThis QID checks for vulnerable version of SimpleSAMLphp<P>",

"DISCOVERY": {

"ADDITIONAL_INFO": "Patch Available",

"REMOTE": "1"

},

"LAST_SERVICE_MODIFICATION_DATETIME": "2021-04-06T12:45:16Z",

"PATCHABLE": "1",

"PCI_FLAG": "1",

"PUBLISHED_DATETIME": "2021-04-06T12:45:16Z",

"QID": "740001",

"SEVERITY_LEVEL": "2",

"SOFTWARE_LIST": {

"SOFTWARE": {

"PRODUCT": "simplesamlphp",

"VENDOR": "simplesamlphp"

}

},

"SOLUTION": "Customers are advised Upgrade to the latest version of SimpleSAMLphp. For more information please visit <A HREF=\"https://simplesamlphp.org/security/201812-01\" TARGET=\"_blank\">201812-01</A>\n<P>Patch:<br/>\nFollowing are links for downloading patches to fix the vulnerabilities:\n<P> <A HREF=\"https://simplesamlphp.org/security/201812-01\" TARGET=\"_blank\">201812-01</A>",

"TITLE": "SimpleSAMLphp Credentials Exposure In Session Storage Vulnerability(201812-01)",

"VENDOR_REFERENCE_LIST": {

"VENDOR_REFERENCE": {

"ID": "201812-01",

"URL": "https://simplesamlphp.org/security/201812-01"

}

},

"VULN_TYPE": "Vulnerability"

}

]

}

}

}

Human Readable Output

Return result too large, uploaded as a file

qualys-group-list

---

Get account asset groups

Base Command

qualys-group-list

Input

Argument Name	Description	Required
ids	Show only asset groups with certain IDs. Multiple IDs are comma separated.	Optional
id_min	Show only asset groups with certain IDs. Multiple IDs are comma separated.	Optional
id_max	Show only asset groups that have an ID less than or equal to the specified ID.	Optional
truncation_limit	Specify the maximum number of asset group records to output. By default this is set to 1000 records. If you specify truncation_limit=0, the output is not paginated and all records are returned in a single output.	Optional
network_ids	Optional and valid only when the Networks feature is enabled in your account) Restrict the request to certain network IDs. Multiple IDs are comma separated.	Optional
unit_id	Show only asset groups that have a business unit ID equal to the specified ID.	Optional
user_id	Show only asset groups that have a user ID equal to the specified ID.	Optional
title	Show only the asset group that has a title equal to the specified string - this must be an exact match.	Optional
show_attributes	Show attributes for each asset group along with the ID. Your options are: None, All or a comma-separated list of attribute names: ID, TITLE, OWNER_USER_NAME, OWNER_USER_ID, OWNER_UNIT_ID, NETWORK_IDS, LAST_UPDATE, IP_SET, APPLIANCE_LIST, DOMAIN_LIST, DNS_LIST, NETBIOS_LIST, EC2_ID_LIST, HOST_IDS, ASSIGNED_USER_IDS, ASSIGNED_UNIT_IDS, BUSINESS_IMPACT, CVSS, COMMENTS.	Optional
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.AssetGroup.ID	unknown	Asset Group ID.
Qualys.AssetGroup.TITLE	unknown	Asset Group title.
Qualys.AssetGroup.OWNER_ID	unknown	Asset Group owner ID.
Qualys.AssetGroup.UNIT_ID	unknown	Asset Group unit ID.
Qualys.AssetGroup.NETWORK_ID	unknown	Asset Group network ID.
Qualys.AssetGroup.IP_SET.IP	unknown	IP in the asset group.
Qualys.AssetGroup.IP_SET.IP_RANGE	unknown	Asset Group IP range.
Qualys.AssetGroup.APPLIANCE_IDS	unknown	Appliance IDs of the asset group.
Qualys.AssetGroup.DEFAULT_APPLIANCE_ID	unknown	Default appliance IDs of the asset group.

Command Example

!qualys-group-list title=All

Context Example

{

"Qualys": {

"AssetGroup": {

"ID": "492950",

"IP_SET": {

"IP": [

"1.1.1.1",

"1.1.2.1",

"1.1.2.3",

"1.5.2.1",

"1.5.6.1",

"8.8.8.8",

"18.130.16.32",

"23.96.25.100",

"34.99.231.241",

"35.185.27.57",

"52.58.204.23",

"54.155.52.85",

"96.252.18.158",

"172.31.10.110",

"1.1.1.1",

"1.1.1.1"

],

"IP_RANGE": [

"1.1.1.3-1.1.1.9",

"1.1.2.8-1.1.2.9",

"1.2.2.2-1.2.2.3",

"192.168.0.87-192.168.0.92"

]

},

"TITLE": "All"

}

}

}

Human Readable Output

Group List

APPLIANCE_IDS	DEFAULT_APPLIANCE_ID	ID	IP_SET	TITLE
		492950	IP: 1.1.1.1, 1.1.2.1, 1.1.2.3, 1.5.2.1, 1.5.6.1, 8.8.8.8, 18.130.16.32, 23.96.25.100, 34.99.231.241, 35.185.27.57, 52.58.204.23, 54.155.52.85, 96.252.18.158, 172.31.10.110, 1.1.1.1, 1.1.1.1 IP_RANGE: 1.1.1.3-1.1.1.9, 1.1.2.8-1.1.2.9, 1.2.2.2-1.2.2.3, 192.168.0.87-192.168.0.92	All

qualys-report-fetch

---

Download report

Base Command

qualys-report-fetch

Input

Argument Name	Description	Required
id	Report ID of a saved report that you want to download.	Required
file_format	Type of the file of the report. Can be checked by calling the qualys-report-list command. Possible values are: pdf, html, mht, xml, csv, docx, online.	Required

Context Output

Path	Type	Description
InfoFile.Name	unknown	The file name.
InfoFile.EntryID	unknown	The ID for locating the file in the War Room.
InfoFile.Size	unknown	The size of the file (in bytes).
InfoFile.Type	unknown	The file type, as determined by libmagic (same as displayed in file entries).
InfoFile.Extension	unknown	The file extension.
InfoFile.Info	unknown	Basic information about the file.

Command Example

!qualys-report-fetch id=9470594 file_format=pdf

Context Example

{

"InfoFile": {

"EntryID": "1489@ad70a33b-26a4-4a3c-8013-24494880c3ee",

"Extension": "pdf",

"Info": "application/pdf",

"Name": "report_9470594.pdf",

"Size": 15580,

"Type": "PDF document, version 1.7"

}

}

Human Readable Output

qualys-vm-scan-fetch

---

Download scan results when scan has status Finished, Canceled, Paused or Error

Base Command

qualys-vm-scan-fetch

Input

Argument Name	Description	Required
scan_ref	The scan reference for a vulnerability scan. This will have the format: scan/nnnnnnnnnn.nnnnn.	Required
ips	Show only certain IP addresses/ranges in the scan results. One or more IPs/ranges may be specified. A range entry is specified using a hyphen (for example, 10.10.10.1-10.10.10.20). Multiple entries are comma separated. .	Optional
mode	The verbosity of the scan results details. One verbosity mode may be specified: brief (the default) or extended. The brief output includes this information: IP address, DNS hostname, NetBIOS hostname, QID and scan test results if applicable. The extended output includes the brief output plus this extended information: protocol, port, an SSL flag (“yes” is returned when SSL was used for the detection, “no” is returned when SSL was not used), and FQDN if applicable. Possible values are: brief, extended.	Optional
client_id	Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
client_name	Name of the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional

Context Output

Path	Type	Description
Qualys.VM.Dns	unknown	Scanned device DNS.
Qualys.VM.Instance	unknown	Scanned device instance.
Qualys.VM.IP	unknown	Scanned device IP address.
Qualys.VM.Netbios	unknown	Scanned device Netbios.
Qualys.VM.QID	unknown	Qualys ID for vulnerabilities.
Qualys.VM.Result	unknown	Scan result.

Command Example

!qualys-vm-scan-fetch scan_ref=scan/1615886852.37638 ips=1.1.1.1 mode=brief

Context Example

{

"Qualys": {

"VM": [

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 82040,

"Result": "ICMP Reply Type\tTriggered By\tAdditional Information\nEcho (type=0 code=0)\tEcho Request\tEcho Reply"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 6,

"Result": "IP address\tHost name\n1.1.1.1\tone.one.one.one"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 34011,

"Result": "Some of the ports"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45035,

"Result": "Level 1: DNS server: L.ROOT-SERVERS.NET"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45006,

"Result": "Hops\tIP\tRound Trip Time\tProbe\tPort\n1"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45004,

"Result": "The network handle is: APNIC-1\nNetwork description:\nAsia Pacific Network Information Centre"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45005,

"Result": "The ISP network handle is: PNAP-05-2000\nISP Network description:\nInternap Holding LLC"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 42416,

"Result": "HTTP/1.1 200 OK\nDate: Tue, 16 Mar 2021 09:35:44 GMT\nContent-Type: text/html\nTransfer-Encoding: chunked\nConnection: keep-alive\nLast-Modified: Fri, 05 Mar 2021 18:02:22"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 82046,

"Result": "IP ID changes observed (network order) for port 53: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 \nDuration: 21 milli seconds"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45039,

"Result": "Host Name\tSource\none.one.one.one\tFQDN"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 82045,

"Result": "Average change between subsequent TCP initial sequence numbers is 1122907317 with a standard deviation of 638947889. These TCP initial sequence numbers were triggered by TCP SYN probes sent to the host at an average rate of 1/(5999 microseconds). The degree of difficulty to exploit the TCP initial sequence number generation scheme is: hard."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 82023,

"Result": "Port\tIANA Assigned Ports/Services\tDescription\tService Detected\tOS On Redirected Port\n53\tdomain\tDomain Name Server\tDNS Server \t \n80\twww-http\tWorld Wide Web HTTP\thttp \t \n443\thttps\thttp protocol over TLS/SSL\thttp over ssl"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 82004,

"Result": "Port\tIANA Assigned Ports/Services\tDescription\tService Detected\n53\tdomain\tDomain Name Server\tnamed udp"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45038,

"Result": "Scan duration: 1264 seconds\n\nStart time: Tue, Mar 16 2021, 09:28:47 GMT\n\nEnd time: Tue, Mar 16 2021, 09:49:51 GMT"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45426,

"Result": "Protocol\tPort\tTime\nTCP\t53\t 0:00:51\nTCP\t80\t 0:52:14\nTCP\t443\t 0:55:13\nUDP\t53\t 0:01:45"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 15034,

"Result": "Server supports recursive name resolution to IPv4 addresses.\nServer supports recursive name resolution to IPv6 addresses."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 15033,

"Result": "--- IPv4 ---\n;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, rcode: NOERROR, id: 17496\n;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 \n;; QUESTION SECTION:\n;; one.one.one. IN SOA\n\n;; ANSWER SECTION:\none.one.one. 2632 IN SOA fred.ns.cloudflare.com. dns.cloudflare.com. 2036516775 10000 2400 604800 3600\n\n;; AUTHORITY SECTION:\n\n;; ADDITIONAL SECTION:\n\n;; Query time: 1 msec\n;; SERVER: 1.1.1.1\n;; WHEN: Tue Mar 16 02:28:49 2021\n;; MSG SIZE rcvd: 91\n\n--- IPv6 ---\n;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, rcode: NOERROR, id: 24573\n;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 \n;; QUESTION SECTION:\n;; one.one.one. IN SOA\n\n;; ANSWER SECTION:\none.one.one. 3600 IN SOA fred.ns.cloudflare.com. dns.cloudflare.com. 2036516775 10000 2400 604800 3600\n\n;; AUTHORITY SECTION:\n\n;; ADDITIONAL SECTION:\n\n;; Query time: 3 msec\n;; SERVER: 1.1.1.1\n;; WHEN: Tue Mar 16 02:28:49 2021\n;; MSG SIZE rcvd: 91"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 15068,

"Result": ";; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, rcode: NOERROR, id: 4374\n;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 \n;; QUESTION SECTION:\n;; . IN NS\n\n;; ANSWER SECTION:\n. 513673 IN NS a.root-servers.net.\n. 513673 IN NS b.root-servers.net.\n. 513673 IN NS c.root-servers.net.\n. 513673 IN NS d.root-servers.net.\n. 513673 IN NS e.root-servers.net.\n. 513673 IN NS f.root-servers.net.\n. 513673 IN NS g.root-servers.net.\n. 513673 IN NS h.root-servers.net.\n. 513673 IN NS i.root-servers.net.\n. 513673 IN NS j.root-servers.net.\n. 513673 IN NS k.root-servers.net.\n. 513673 IN NS l.root-servers.net.\n. 513673 IN NS m.root-servers.net.\n\n;; AUTHORITY SECTION:\n\n;; ADDITIONAL SECTION:\n\n;; Query time: 1 msec\n;; SERVER: 1.1.1.1\n;; WHEN: Tue Mar 16 02:28:55 2021\n;; MSG SIZE rcvd: 228"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 15086,

"Result": ":_F8_81_80_00_01_00_00_00_00_00_00_00_02_00_01_00_00_02_00_01_00_07_D4_FE_00_14_01a_0Croot-servers_03net_00_00_00_02_00_01_00_07_D4_FE_00_04_01b_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01c_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01d_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01e_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01f_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01g_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01h_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01i_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01j_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01k_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01l_C0_1E_00_00_02_00_01_00_07_D4_FE_00_04_01m_C0_1E"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 15001,

"Result": "2021.3.3"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38291,

"Result": "TLSv1 session caching is enabled on the target.\nTLSv1.1 session caching is enabled on the target.\nTLSv1.2 session caching is enabled on the target.\nTLSv1.3 session caching is disabled on the target."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 86002,

"Result": "NAME\tVALUE"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38717,

"Result": "Certificate #0 CN=cloudflare-dns.com,O=Cloudflare\\,_Inc.,L=San_Francisco,ST=California,C=US OCSP status: good"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38718,

"Result": "Source\tValidated\tName\tURL\tID\tTime\nCertificate #0\t \tCN=cloudflare-dns.com,O=Cloudflare\\, Inc.,L=San Francisco,ST=California,C=US\t \t \t \nCertificate\tno\t(unknown)\t(unknown)\t2979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc784\tThu 01 Jan 1970 12:00:00 AM GMT\nCertificate\tyes\tDigiCert Yeti2022 Log\tyeti2022.ct.digicert.com/log/\t2245450759552456963fa12ff1f76d86e0232663adc04b7f5dc6835c6ee20f02\tMon 11 Jan 2021 07:24:24 PM GMT"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38628,

"Result": "TLSv1.0 is supported"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38794,

"Result": "TLSv1.1 is supported"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 42350,

"Result": "TLS Secure Renegotiation Extension Status: supported."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38597,

"Result": "#table\tcols=2\nmy version\ttarget version\n0304\t0303\n0399\t0303\n0400\t0303\n0499\t0303"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38116,

"Result": "CIPHER\tKEY-EXCHANGE\tAUTHENTICATIO"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38704,

"Result": "NAME\tGROUP\tKEY-SIZE\tFORWARD-SECRET\tCLASSICAL-STRENGTH\tQUANTUM-STRENGTH\nTLSv1"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38706,

"Result": "NAME\tSTATUS\nTLSv1\t \nExtended Master Secret\tyes\nEncrypt Then MAC\tno\nHeartbeat\tno"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 86565,

"Result": "GET / HTTP/1.1\nHost:1.1.1.1:80\n\nGET /Q_Evasive/ HTTP/1.1"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 38610,

"Result": "TLS_FALLBACK_SCSV is supported on port 443."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 12230,

"Result": "GET / HTTP/1.0\nHost: one.one.one.one\n\n\n\nHTTP/1.1 301 Moved Permanently"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 13910,

"Result": "GET / HTTP/1.0\nHost: one.one.one.one\n\n\n\nHTTP/1.1 200 OK\nDate:"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 45266,

"Result": "Remote Web Server supports HTTP version 1.x on 443 port.GET / HTTP/1.1"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 48118,

"Result": "HTTP header and method information collected on port 443."

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 86672,

"Result": "Directory\tSource\n/help/\tbrute force\n/faq/\tbrute force\n/help/\tweb page\n/media/\tweb page"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 86137,

"Result": "Strict-Transport-Security: max-age=31536000"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 11827,

"Result": "X-Frame-Options or Content-Security-Policy"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 48001,

"Result": "Content-Security-Policy HTTP Header missing on port 443.\nGET / HTTP/1.0\nHost: one.one.one.one"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 48002,

"Result": "HTTP Public-Key-Pins Header missing on port 443.\nGET / HTTP/1.0\nHost: one.one.one.one"

},

{

"Dns": "one.one.one.one",

"IP": "1.1.1.1",

"Instance": null,

"Netbios": null,

"QID": 48131,

"Result": "Referrer-Policy HTTP Header missing on 443 port."

}

]

}

}

Human Readable Output

VM Scan Fetch

Dns	IP	Instance	Netbios	QID	Result
one.one.one.one	1.1.1.1			82040	ICMP Reply Type Triggered By Additional Information Echo (type=0 code=0) Echo Request Echo Reply
one.one.one.one	1.1.1.1			6	IP address Host name 1.1.1.1 one.one.one.one
one.one.one.one	1.1.1.1			34011
one.one.one.one	1.1.1.1			48131	Referrer-Policy HTTP Header missing on 443 port.

qualys-pc-scan-fetch

---

fetch scan results for a scan

Base Command

qualys-pc-scan-fetch

Input

Argument Name	Description	Required
scan_ref	The scan reference for a compliance scan. This will have the format: compliance/nnnnnnnnnn.nnnnn.	Required

Context Output

Path	Type	Description
Qualys.PC.USERNAME	unknown	The user who executed the scan.
Qualys.PC.COMPANY	unknown	The company of the user who executed the scan.
Qualys.PC.USERNAME	unknown	The user who executed the scan.
Qualys.PC.DATE	unknown	The date of the scan.
Qualys.PC.TITLE	unknown	The scan title.
Qualys.PC.TARGET	unknown	IP’s which were scanned.
Qualys.PC.EXCLUDED_TARGET	unknown	IP’s which were excluded from the scan.
Qualys.PC.DURATION	unknown	The duration of the scan.
Qualys.PC.NBHOST_ALIVE	unknown	Number of hosts that are available during the scan.
Qualys.PC.NBHOST_TOTAL	unknown	Total number of hosts that were submitted to scan.
Qualys.PC.REPORT_TYPE	unknown	Type of the report.
Qualys.PC.OPTIONS	unknown	Scan option profile.
Qualys.PC.STATUS	unknown	Status of the scan.

Command Example

!qualys-pc-scan-fetch scan_ref=compliance/1619019653.71885

Context Example

{

"Qualys": {

"PC": {

"COMPANY": "SomeCompany",

"DATE": "2021-04-21T15:42:48Z",

"DURATION": "00:05:42",

"EXCLUDED_TARGET": "N/A",

"NBHOST_ALIVE": "1",

"NBHOST_TOTAL": "1",

"OPTIONS": "Scanned Ports: Targeted Scan, Hosts to Scan in Parallel - External Scanners: 15, Hosts to Scan in Parallel - Scanner Appliances: 30, Total Processes to Run in Parallel: 10, HTTP Processes to Run in Parallel: 10, Packet (Burst) Delay: Medium, Intensity: Normal, Overall Performance: Normal, ICMP Host Discovery, Ignore RST packets: Off, Ignore firewall-generated SYN-ACK packets: Off, Do not send ACK or SYN-ACK packets during host discovery: Off",

"REPORT_TYPE": "API",

"SCAN_HOST": "64.39.99.101 (Scanner 12.3.51-1, Vulnerability Signatures 2.5.162-3)",

"STATUS": "FINISHED",

"TARGET": "1.1.1.1",

"TITLE": "N/A",

"USERNAME": "demst2nr"

}

}

}

Human Readable Output

Policy Compliance Scan

COMPANY	DATE	DURATION	EXCLUDED_TARGET	NBHOST_ALIVE	NBHOST_TOTAL	OPTIONS	REPORT_TYPE	SCAN_HOST	STATUS	TARGET	TITLE	USERNAME
SomeCompany	2021-04-21T15:42:48Z	00:05:42	N/A	1	1	Scanned Ports: Targeted Scan, Hosts to Scan in Parallel - External Scanners: 15, Hosts to Scan in Parallel - Scanner Appliances: 30, Total Processes to Run in Parallel: 10, HTTP Processes to Run in Parallel: 10, Packet (Burst) Delay: Medium, Intensity: Normal, Overall Performance: Normal, ICMP Host Discovery, Ignore RST packets: Off, Ignore firewall-generated SYN-ACK packets: Off, Do not send ACK or SYN-ACK packets during host discovery: Off	API	64.39.99.101 (Scanner 12.3.51-1, Vulnerability Signatures 2.5.162-3)	FINISHED	1.1.1.1	N/A	demst2nr

qualys-report-cancel

---

Cancel the running report.

Base Command

qualys-report-cancel

Input

Argument Name	Description	Required
id	Report ID.	Required

Context Output

Path	Type	Description
Qualys.Report.ID	String	ID of the canceled report
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for report cancellation.

Command Example

!qualys-report-cancel id="9229164"

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:02Z",

"TEXT": "Report cancelled successfully",

"ID": "9229164"

}

}

}

Human Readable Output

Canceled report

DATETIME	ID	TEXT
2021-12-20T12:00:02Z	9229164	Report cancelled successfully

qualys-report-delete

---

Delete a saved report in the user’s Report Share.

Base Command

qualys-report-delete

Input

Argument Name	Description	Required
id	(Required) The report ID you want to take action on.	Required

Context Output

Path	Type	Description
Qualys.Report.ID	String	Deleted report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the report deletion.

Command Example

!qualys-report-delete id=9470634

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:02Z",

"TEXT": "Report deleted successfully",

"ID": "9470634"

}

}

}

Human Readable Output

Deleted report

DATETIME	ID	TEXT
2021-12-20T12:00:02Z	9470634	Report deleted successfully

qualys-scorecard-launch

---

Launch a vulnerability scorecard report.

Base Command

qualys-scorecard-launch

Input

Argument Name	Description	Required
name	Scorecard name for the vulnerability scorecard report.	Required
report_title	User-defined report title.	Optional
output_format	Output format of the report. One output format may be specified. Possible values are: pdf, html, mht, xml, csv. Default is xml.	Required
source	The source asset groups for the report.	Required
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. Possible values are: 1, 0.	Optional
pdf_password	The password to be used for encryption.	Optional
recipient_group	The report recipients in the form of one or more distribution groups.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete.	Optional
asset_groups	The titles of asset groups to be used as source asset groups for the scorecard report.	Optional
all_asset_groups	et to 1 to select all asset groups available in your account as the source asset groups for the scorecard report. Possible values are: 1.	Optional
business_unit	The title of a business unit containing the source asset groups.	Optional
division	A business info tag identifying a division that asset group(s) belong to.	Optional
function	A business info tag identifying a business function for asset group(s).	Optional
location	A business info tag identifying a location where asset group(s) are located.	Optional
patch_qids	Up to 10 QIDs for vulnerabilities or potential vulnerabilities with available patches. Multiple QIDs are comma separated.	Optional
missing_qids	One or two QIDs for missing software. Two QIDs are comma separated.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scorecard launch.

Command Example

!qualys-scorecard-launch name="Most Prevalent Vulnerabilities Report" output_format=pdf all_asset_groups=1 source=asset_groups

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:02Z",

"ID": "10788991",

"TEXT": "New scorecard launched"

}

}

}

Human Readable Output

New scorecard launched

DATETIME	ID	TEXT
2021-12-20T12:00:02Z	10788991	New scorecard launched

qualys-vm-scan-launch

---

launch vulnerability scans in the user’s account.

Base Command

qualys-vm-scan-launch

Input

Argument Name	Description	Required
scan_title	The scan title. This can be a maximum of 2000 characters (ascii).	Optional
target_from	Specify “assets” (the default) when your scan target will include IP addresses/ranges and/or asset groups. Specify “tags” when your scan target will include asset tags. Possible values are: assets, tags.	Optional
ip	The IP addresses to be scanned. You may enter individual IP addresses and/or ranges. Multiple entries are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
asset_groups	The titles of asset groups containing the hosts to be scanned. Multiple titles are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
asset_group_ids	The IDs of asset groups containing the hosts to be scanned. Multiple IDs are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
exclude_ip_per_scan	The IP addresses to be excluded from the scan when the scan target is specified as IP addresses (not asset tags). You may enter individual IP addresses and/or ranges. Multiple entries are comma separated.	Optional
tag_include_selector	Select “any” (the default) to include hosts that match at least one of the selected tags. Select “all” to include hosts that match all of the selected tags. Possible values are: all, any.	Optional
tag_exclude_selector	Select “any” (the default) to exclude hosts that match at least one of the selected tags. Select “all” to exclude hosts that match all of the selected tags. Possible values are: all, any.	Optional
tag_set_by	Specify “id” (the default) to select a tag set by providing tag IDs. Specify “name” to select a tag set by providing tag names. Possible values are: id, name.	Optional
tag_set_include	Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
use_ip_nt_range_tags_include	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. valid only when target_from=tags is specified. Possible values are: 0, 1.	Optional
use_ip_nt_range_tags_exclude	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to exclude all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. valid only when target_from=tags is specified. Possible values are: 0, 1.	Optional
use_ip_nt_range_tags	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in tags. When this ispecified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. Possible values are: 0, 1.	Optional
iscanner_id	The IDs of the scanner appliances to be used. Multiple entries are comma separated. For an Express Lite user, Internal Scanning must be enabled in the user's account. One of these parameters must also be specified in a request: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, External scanners are used. These parameters are mutually exclusive and cannot be specified in the same request: iscanner_id and iscanner_name.	Optional
iscanner_name	Specifies the name of the Scanner Appliance for the map, when the map target has private use internal IPs. Using Express Lite, Internal Scanning must be enabled in your account.	Optional
default_scanner	Specify 1 to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user’s account. Possible values are: 0, 1.	Optional
scanners_in_ag	Specify 1 to distribute the scan to the target asset groups’ scanner appliances. Appliances in each asset group are tasked with scanning the IPs in the group. By default up to 5 appliances per group will be used and this can be configured for your account (please contact your Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user’s account. Possible values are: 0, 1.	Optional
scanners_in_tagset	Specify 1 to distribute the scan to scanner appliances that match the asset tags specified for the scan target. One of these parameters must be specified in a request for an internal scan: iscanner_name, iscanner_id, default_scanner, scanners_in_ag, scanners_in_tagset. When none of these are specified, external scanners are used. Only valid when the target_from=tags is specified. Possible values are: 0, 1.	Optional
scanners_in_network	Specify 1 to distribute the scan to all scanner appliances in the network.	Optional
option_title	The title of the compliance option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request.	Optional
option_id	The ID of the compliance option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request.	Optional
priority	Specify a value of 0 - 9 to set a processing priority level for the scan. When not specified, a value of 0 (no priority) is used. 0 = No Priority (the default), 1 = Emergency, 2 = Ultimate, 3 = Critical, 4 = Major, 5 = High, 6 = Standard, 7 = Medium, 8 = Minor, 9 = Low. Possible values are: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9.	Optional
connector_name	(Required for EC2 scan) The name of the EC2 connector for the AWS integration you want to run the scan on.	Optional
ec2_endpoint	(Required for EC2 scan) The EC2 region code or the ID of the Virtual Private Cloud (VPC) zone.	Optional
ec2_instance_ids	The ID of the EC2 instance on which you want to launch the VM or compliance scan. Multiple ec2 instance ids are comma separated. You can add up to maximum 10 instance Ids.	Optional
ip_network_id	The ID of a network used to filter the IPs/ranges specified in the“ip” parameter. Set to a custom network ID (note this does not filter IPs/ranges specified in “asset_groups” or “asset_group_ids”). Or set to “0” (the default) for the Global Default Network - this is used to scan hosts outside of your custom networks.	Optional
runtime_http_header	Set a custom value in order to drop defenses (such as logging, IPs, etc) when an authorized scan is being run. The value you enter will be used in the “Qualys-Scan:” header that will be set for many CGI and web application fingerprinting checks. Some discovery and web server fingerprinting checks will not use this header.	Optional
scan_type	Launch a CertView type scan. This option will be supported when CertView GA is released and enabled for your account. Possible values are: certview.	Optional
fqdn	The target FQDN for a vulnerability scan. You must specify at least one target i.e. IPs, asset groups or FQDNs. Multiple values are comma separated.	Optional
client_id	Id assigned to the client (Consultant type subscription only). Parameter client_id or client_name may be specified for the same request.	Optional
client_name	Name of the client (Consultant type subscriptions only). Parameter client_id or client_name may be specified for the same request.	Optional
include_agent_targets	Specify 1 when your scan target includes agent hosts. This lets you scan private IPs where agents are installed when these IPs are not in your VM/PC license. Possible values are: 0, 1.	Optional

Context Output

Path	Type	Description
Qualys.Report.VM.Launched.KEY	unknown	Key name of launched VM scan, either ID or a REFERENCE.
Qualys.Report.VM.Launched.VALUE	unknown	Value of the key.

Command Example

!qualys-vm-scan-launch scan_title=new target_from=assets ip=1.1.1.1 exclude_ip_per_scan=1.1.1.2 priority=4 option_title=Test2

Context Example

{

"Qualys": {

"Report": {

"VM": {

"Launched": [

{

"KEY": "ID",

"VALUE": "21840817"

},

{

"KEY": "REFERENCE",

"VALUE": "scan/1622364459.40817"

}

]

}

}

}

}

Human Readable Output

New Vulnerability Scan launched

KEY	VALUE
ID	21840817
REFERENCE	scan/1622364459.40817

qualys-vm-scan-action

---

allows users to take actions on vulnerability scans in their account, like cancel, pause, resume, delete and fetch completed scan results

Base Command

qualys-vm-scan-action

Input

Argument Name	Description	Required
action	One action required for the request. Possible values are: cancel, pause, resume, delete.	Required
scan_ref	The scan reference for a vulnerability scan. This will have the format: scan/nnnnnnnnnn.nnnnn.	Required

Context Output

There is no context output for this command.

Command Example

!qualys-vm-scan-action action=delete scan_ref=scan/1621954927.94968

Human Readable Output

Deleting scan

qualys-pc-scan-manage

---

Allows users to take actions on compliance scans in their account, like cancel, pause, resume, delete and fetch completed scan results.

Base Command

qualys-pc-scan-manage

Input

Argument Name	Description	Required
action	One action required for the request. Possible values are: cancel, pause, resume, delete.	Required
scan_ref	The scan reference for a compliance scan. This will have the format: compliance/nnnnnnnnnn.nnnnn.	Required

Context Output

Path	Type	Description
Qualys.Scan.KEY	unknown	Key name, either ID or REFERENCE.
Qualys.Scan.VALUE	unknown	Value of either ID or REFERENCE.

Command Example

!qualys-pc-scan-manage action=delete scan_ref=compliance/1622106967.13620

Context Example

{

"Qualys": {

"Scan": [

{

"KEY": "ID",

"VALUE": "21813620"

},

{

"KEY": "REFERENCE",

"VALUE": "compliance/1622106967.13620"

}

]

}

}

Human Readable Output

PC Scan

KEY	VALUE
ID	21813620
REFERENCE	compliance/1622106967.13620

qualys-pc-scan-launch

---

launch compliance scans.

Base Command

qualys-pc-scan-launch

Input

Argument Name	Description	Required
scan_title	The scan title. This can be a maximum of 2000 characters (ascii).	Optional
option_id	The ID of the compliance option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request.	Optional
option_title	The title of the compliance option profile to be used. One of these parameters must be specified in a request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request.	Optional
ip	The IP addresses to be scanned. You may enter individual IP addresses and/or ranges. Multiple entries are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
asset_group_ids	The IDs of asset groups containing the hosts to be scanned. Multiple IDs are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
asset_groups	The titles of asset groups containing the hosts to be scanned. Multiple titles are comma separated. One of these parameters is required: ip, asset_groups or asset_group_ids.	Optional
exclude_ip_per_scan	The IP addresses to be excluded from the scan when the scan target is specified as IP addresses (not asset tags). You may enter individual IP addresses and/or ranges. Multiple entries are comma separated.	Optional
default_scanner	Specify 1 to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user’s account. Possible values are: 0, 1.	Optional
scanners_in_ag	Specify 1 to distribute the scan to the target asset groups’ scanner appliances. Appliances in each asset group are tasked with scanning the IPs in the group. By default up to 5 appliances per group will be used and this can be configured for your account (please contact your Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user’s account. Possible values are: 0, 1.	Optional
target_from	Specify “assets” (the default) when your scan target will include IP addresses/ranges and/or asset groups. Specify “tags” when your scan target will include asset tags. Possible values are: assets, tags.	Optional
tag_include_selector	Select “any” (the default) to include hosts that match at least one of the selected tags. Select “all” to include hosts that match all of the selected tags. Possible values are: all, any.	Optional
tag_exclude_selector	Select “any” (the default) to exclude hosts that match at least one of the selected tags. Select “all” to exclude hosts that match all of the selected tags. Possible values are: all, any.	Optional
tag_set_by	Specify “id” (the default) to select a tag set by providing tag IDs. Specify “name” to select a tag set by providing tag names. Possible values are: id, name.	Optional
tag_set_include	Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
use_ip_nt_range_tags	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in tags. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected. Possible values are: 0, 1.	Optional
ip_network_id	The ID of a network used to filter the IPs/ranges specified in the“ip” parameter. Set to a custom network ID (note this does not filter IPs/ranges specified in “asset_groups” or “asset_group_ids”). Or set to “0” (the default) for the Global Default Network - this is used to scan hosts outside of your custom networks.	Optional
runtime_http_header	Set a custom value in order to drop defenses (such as logging, IPs, etc) when an authorized scan is being run. The value you enter will be used in the “Qualys-Scan:” header that will be set for many CGI and web application fingerprinting checks. Some discovery and web server fingerprinting checks will not use this header.	Optional
iscanner_name	Specifies the name of the Scanner Appliance for the map, when the map target has private use internal IPs. Using Express Lite, Internal Scanning must be enabled in your account.	Optional

Context Output

Path	Type	Description
Qualys.Scan.KEY	unknown	Scan key, either ID or Reference
Qualys.Scan.VALUE	unknown	Scan value, either value of ID or Reference

Command Example

!qualys-pc-scan-launch ip=1.1.1.1 option_title=test1

Context Example

{

"Qualys": {

"Scan": [

{

"KEY": "ID",

"VALUE": "21840826"

},

{

"KEY": "REFERENCE",

"VALUE": "compliance/1622364751.40826"

}

]

}

}

Human Readable Output

New PC Scan launched

KEY	VALUE
ID	21840826
REFERENCE	compliance/1622364751.40826

qualys-ip-add

---

Add IP addresses to the subscription.

Base Command

qualys-ip-add

Input

Argument Name	Description	Required
ips	The hosts you want to add to the subscription. .	Required
tracking_method	The tracking method is set to IP for IP address by default. To use another tracking method specify DNS or NETBIOS. Possible values are: IP, DNS, NETBIOS.	Optional
enable_vm	You must enable the hosts for the VM application (enable_vm=1) or the PC application (enable_pc=1) or both VM and PC. Possible values are: 0, 1. Default is 0.	Required
enable_pc	You must enable the hosts for the VM application (enable_vm=1) or the PC application (enable_pc=1) or both VM and PC. Possible values are: 0, 1. Default is 0.	Required
owner	The owner of the host asset(s). The owner must be a Manager or a Unit Manager.	Optional
ud1	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
ud2	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
ud3	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
comment	User-defined comments.	Optional
ag_title	(Required if the request is being made by a Unit Manager; otherwise invalid) The title of an asset group in the Unit Manager’s business unit that the host(s) will be added to.	Optional
enable_certview	Set to 1 to add IPs to your CertView license. By default IPs are not added to your CertView license. This option will be supported when CertView GA is released and is enabled for your account. Possible values are: 0, 1.	Optional

Context Output

Path	Type	Description
Qualys.IP.Add.TEXT	String	Action result message.
Qualys.IP.Add.DATETIME	Date	Date & time of the action.

Command Example

!qualys-ip-add ips=1.1.2.3 enable_pc=0 enable_vm=1 comment="Adding a new IP address"

Context Example

{

"Qualys": {

"IP": {

"Add": {

"DATETIME": "2021-05-30T08:47:50Z",

"TEXT": "IPs successfully added to Vulnerability Management"

}

}

}

}

Human Readable Output

IPs successfully added to Vulnerability Management

qualys-ip-update

---

gives you the ability to update IP addresses within the subscription.

Base Command

qualys-ip-update

Input

Argument Name	Description	Required
ips	The hosts within the subscription that you want to update.	Required
network_id	(valid only when the Network Support feature is enabled for the user's account) Restrict the request to a certain custom network by specifying the network ID. When unspecified, we default to "0" for Global Default Network.	Optional
host_dns	(Optional) The DNS hostname for the IP you want to update. A single IP must be specified in the same request and the IP will only be updated if it matches the hostname specified.	Optional
host_netbios	(Optional) The NetBIOS hostname for the IP you want to update. A single IP must be specified in the same request and the IP will only be updated if it matches the hostname specified.	Optional
tracking_method	The tracking method is set to IP for IP address by default. To use another tracking method specify DNS or NETBIOS. Possible values are: IP, DNS, NETBIOS.	Optional
owner	The owner of the host asset(s). The owner must be a Manager or a Unit Manager.	Optional
ud1	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
ud2	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
ud3	Values for user-defined fields 1, 2 and 3. You can specify a maximum of 128 characters.	Optional
comment	User-defined comments.	Optional

Context Output

Path	Type	Description
Qualys.IP.Update.TEXT	unknown	Action result message.
Qualys.IP.Update.DATETIME	unknown	Date & time of the action.

Command Example

!qualys-ip-update ips=1.1.1.1 comment="Updating IP"

Context Example

{

"Qualys": {

"IP": {

"Update": {

"DATETIME": "2021-05-30T08:47:56Z",

"TEXT": "IPs successfully updated"

}

}

}

}

Human Readable Output

IPs successfully updated

qualys-host-excluded-manage

---

Manage your excluded IPs list using the Excluded IP. The IPs in your excluded IPs list will not be scanned.

Base Command

qualys-host-excluded-manage

Input

Argument Name	Description	Required
action	Select add/remove/remove_all ips. Possible values are: add, remove, remove_all.	Required
comment	User-defined notes (up to 1024 characters).	Required
ips	The IP addresses to be added to the excluded IPs list. Enter a comm-separated list of IPv4 singletons or ranges. For example: 10.10.10.13,10.10.10.25-10.10.10.29.	Optional
expiry_days	(Optional when action=add) The number of days the IPs being added to the excluded IPs list will be considered valid for exclusion. When the expiration is reached, the IPs are removed from the list and made available again for scanning. When unspecified, the IPs being added have no expiration and will remain on the list until removed by a user.	Optional
dg_names	(Optional when action=add) Specify users who will be notified 7 days before hosts are removed from the excluded hosts list (i.e. supply distribution group names as defined in the Qualys UI).	Optional
network_id	Assign a network ID to the IPs being added to the excluded IPs list. By default, the user’s default network ID is assigned.	Optional

Context Output

Path	Type	Description
Qualys.Endpoint.KEY	unknown	Result of action requested.
Qualys.Endpoint	unknown	IPs action was made on.

Command Example

!qualys-host-excluded-manage action=add comment="adding hosts" ips=1.1.1.1,1.1.2.1 expiry_days=2

Context Example

{

"Qualys": {

"Endpoint": {

"KEY": "IPs already in Excluded IPs list.",

"VALUE": "1.1.1.1,1.1.2.1"

}

}

}

Human Readable Output

IPs already in Excluded IPs list

ip
1.1.1.1
1.1.2.1

qualys-scheduled-report-launch

---

Launch a scheduled report now.

Base Command

qualys-scheduled-report-launch

Input

Argument Name	Description	Required
id	Scheduled report ID. Can be found by running the command qualys-scheduled-report-list.	Required

Context Output

Path	Type	Description
Qualys.Report.ID	String	Launched report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scheduled report launch.

Command Example

!qualys-scheduled-report-launch id=8084468

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:01:38Z",

"ID": "10789050",

"TEXT": "Report launched successfully."

}

}

}

Human Readable Output

Launch Scheduled Report

DATETIME	ID	TEXT
2021-12-20T12:01:38Z	10789050	Report launched successfully.

qualys-report-launch-map

---

Launches a map report.

Base Command

qualys-report-launch-map

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running the command qualys-report-template-list.	Required
report_refs	Specifies the map references (1 or 2) to include. A map reference starts with the string "map/" followed by a reference ID number. When two map references are given, the report compares map results. Two map references are comma separated.	Required
output_format	One output format may be specified. Possible values are: pdf, html, mht, xml, csv.	Required
domain	Specifies the target domain for the map report. Include the domain name only; do not enter "www." at the start of the domain name. When the special “none” domain is specified as a parameter value, the ip_restriction parameter is required.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included. Possible values are: 0, 1.	Optional
pdf_password	(Required for secure PDF distribution, Manager or Unit Manager only) Used for secure PDF report distribution when this feature is enabled in the user's account (under Reports > Setup > Report Share). The password to be used for encryption. - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (under Users > Setup > Security).	Optional
recipient_group	Used for secure PDF distribution. The report recipients in the form of one or more distribution group names, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered.	Optional
recipient_group_id	The report recipients in the form of one or more distribution group IDs. Multiple distribution group IDs are comma separated. Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
ip_restriction	For a map report, specifies certain IPs/ranges to include in the report. Multiple IPs and/or ranges are comma separated.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Launched map report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the report launch map.

Command Example

!qualys-report-launch-map domain=qualys-test.com output_format=xml report_refs=map/1618151844.78754 template_id=1528888

Context Example

{

"Qualys": {

"Report": {

"ID": "9470650",

"DATETIME": "2021-12-20T12:01:38Z",

"TEXT": "Report launched successfully."

}

}

}

Human Readable Output

New report launched

DATETIME	ID	TEXT
2021-12-20T12:01:38Z	9470650	Report launched successfully.

qualys-report-launch-host-based-findings

---

Run host based findings report

Base Command

qualys-report-launch-host-based-findings

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running the command qualys-report-template-list.	Required
output_format	output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. Possible values are: pdf, html, mht, xml, csv.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
ips	Specify IPs/ranges to change (override) the report target, as defined in the scan report template. Multiple IPs/ranges are comma separated. When specified, hosts defined in the report template are not included in the report. See also “Using Asset Tags.”.	Optional
asset_group_ids	Specify asset group IDs to change (override) the report target, as defined in the scan report template. When specified, hosts defined in the report template are not included in the report. Looking for asset group IDs? Use the asset_group_list.php function (see the API v1 User Guide).	Optional
ips_network_id	Optional, and valid only when the Network Support feature is enabled for the user’s account) The ID of a network that is used to restrict the report’s target to the IPs/ranges specified in the“ips” parameter. Set to a custom network ID (note this does not filter IPs/ranges specified in “asset_group_ids”). Or set to “0” (the default) for the Global Default Network - this is used to report on hosts outside of your custom networks.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scan based findings.

Command Example

!qualys-report-launch-host-based-findings output_format=pdf template_id=2339987 ips=1.1.1.1

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:52Z",

"ID": "10789047",

"TEXT": "New report launched"

}

}

}

Human Readable Output

Host Based Findings Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:52Z	10789047	New report launched

qualys-report-launch-scan-based-findings

---

launches a scan report including scan based findings

Base Command

qualys-report-launch-scan-based-findings

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running qualys-report-template-list.	Required
output_format	One output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. Possible values are: pdf, html, mht, xml, csv, docx.	Required
report_refs	(Required) This parameter specifies the scan references to include. A scan reference starts with the string "scan/" followed by a reference ID number. Multiple scan references are comma separated. Reference can be found by running the command qualys-vm-scan-list.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
ip_restriction	(Optional) For a scan report, the report content will be restricted to the specified IPs/ranges. Multiple IPs and/or ranges are comma separated.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.

Command Example

!qualys-report-launch-scan-based-findings output_format=pdf report_refs=scan/1621951157.94402 template_id=2339987

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:52Z",

"TEXT": "Launch scan based findings successfully"

"ID": "9470646"

}

}

}

Human Readable Output

Scan Based Findings Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:52Z	9470646	Launch scan based findings successfully

qualys-report-launch-patch

---

Run patch report

Base Command

qualys-report-launch-patch

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running the command qualys-report-template-list.	Required
output_format	One output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. Possible values are: pdf, online, xml, csv.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
ips	Specify IPs/ranges to change (override) the report target, as defined in the patch report template. Multiple IPs/ranges are comma separated. When specified, hosts defined in the report template are not included in the report. See also “Using Asset Tags.”.	Optional
asset_group_ids	Specify IPs/ranges to change (override) the report target, as defined in the patch report template. Multiple asset group IDs are comma separated. When specified, hosts defined in the report template are not included in the report. Looking for asset group IDs? Use the asset_group_list.php function (see the API v1 User Guide).	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the launch patch.

Command Example

!qualys-report-launch-patch output_format=pdf template_id=1528875 ips=1.1.1.1 report_title="patch report"

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:26Z",

"ID": "10789038",

"TEXT": "New report launched"

}

}

}

Human Readable Output

Patch Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:26Z	10789038	New report launched

qualys-report-launch-remediation

---

Run remediation report

Base Command

qualys-report-launch-remediation

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running qualys-report-template-list.	Required
output_format	One output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. Possible values are: pdf, html, mht, csv.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
ips	(Optional for remediation report) Specify IPs/ranges you want to include in the report. Multiple IPs and/or ranges are comma separated.	Optional
asset_group_ids	Specify asset group IDs that identify hosts you want to include in the report. Multiple asset group IDs are comma separated. Looking for asset group IDs? Use the asset_group_list.php function (in the API v1 User Guide).	Optional
assignee_type	Specifies whether the report will include tickets assigned to the current user, or all tickets in the user account. By default tickets assigned to the current user are included. Valid values are: User (default) or All. Possible values are: User, All.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Remediation report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the launch remediation.

Command Example

!qualys-report-launch-remediation output_format=pdf template_id=1528884 report_title=remediation ips=1.1.1.1

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:23Z",

"ID": "10789037",

"TEXT": "New report launched"

}

}

}

Human Readable Output

Remediation Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:23Z	10789037	New report launched

qualys-report-launch-compliance

---

Run compliance report

Base Command

qualys-report-launch-compliance

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running the command qualys-report-template-list.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
output_format	One output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. . Possible values are: pdf, html, mht.	Required
ips	(Optional for compliance report) For a compliance report (except a PCI report), specify the IPs/ranges you want to include in the report. Multiple IPs and/or ranges are comma separated.	Optional
asset_group_ids	(Optional for compliance report) For a compliance report (except a PCI report), specify asset groups IDs which identify hosts to include in the report. Multiple asset group IDs are comma separated. Looking for asset group IDs? Use the asset_group_list.php function (in the API v1 User Guide).	Optional
report_refs	For a PCI compliance report, either the technical or executive report, this parameter specifies the scan reference to include. A scan reference starts with the string “scan/” followed by a reference ID number. The scan reference must be for a scan that was run using the PCI Options profile. Only one scan reference may be specified. Reference can be found by running the command qualys-pc-scan-list.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Compliance report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the launch compliance.

Command Example

!qualys-report-launch-compliance output_format=pdf template_id=1528877 ips=1.1.1.1

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:41Z",

"ID": "10789044",

"TEXT": "New report launched"

}

}

}

Human Readable Output

Compliance Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:41Z	10789044	New report launched

qualys-report-launch-compliance-policy

---

Run compliance policy report

Base Command

qualys-report-launch-compliance-policy

Input

Argument Name	Description	Required
template_id	The template ID of the report you want to launch. Can be found by running the command qualys-report-template-list.	Required
report_title	A user-defined report title. The title may have a maximum of 128 characters. For a PCI compliance report, the report title is provided by Qualys and cannot be changed.	Optional
hide_header	(Valid for CSV format report only). Specify hide_header=1 to omit the header information from the report. By default this information is included.	Optional
recipient_group_id	Specify users who will receive the email notification when the report is complete (i.e. supply a distribution group ID). Where do I find this ID? Log in to your Qualys account, go to Users > Distribution Groups and select Info for a group in the list.	Optional
pdf_password	(Optional; Required for secure PDF distribution) The password to be used for encryption. Requirements: - the password must have a minimum of 8 characters (ascii), and a maximum of 32 characters - the password must contain alpha and numeric characters - the password cannot match the password for the user’s Qualys account. - the password must follow the password security guidelines defined for your subscription (log in and go to Subscription Setup—>Security Options).	Optional
recipient_group	Optional; Optional for secure PDF distribution) The report recipients in the form of one or more distribution groups, as defined using the Qualys UI. Multiple distribution groups are comma separated. A maximum of 50 distribution groups may be entered. Chapter 4 — Report API Launch Report recipient_group={value}.	Optional
output_format	One output format may be specified. When output_format=pdf is specified, the Secure PDF Distribution may be used. . Possible values are: pdf, html, mht, xml, csv.	Required
policy_id	Specifies the policy to run the report on. A valid policy ID must be entered.	Required
asset_group_ids	Specify asset group IDS if you want to include only certain asset groups in your report. These asset groups must be assigned to the policy you are reporting on. Multiple asset group IDs are comma separated. Looking for asset group IDs? Use the asset_group_list.php function (in the API v1 User Guide).	Optional
ips	Specify IPs/ranges if you want to include only certain IP addresses in your report. These IPs must be assigned to the policy you’re reporting on. Multiple entries are comma separated.	Optional
host_id	In the policy report output, show only results for a single host instance. Specify the ID for the host to include in the report. A valid host ID must be entered.	Optional
instance_string	Specifies a single instance on the selected host. The instance string may be “os” or a string like “oracle10:1:1521:ora10204u”.	Optional

Context Output

Path	Type	Description
Qualys.Report.ID	String	Policy report ID.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the launch compliance policy.

Command Example

!qualys-report-launch-compliance-policy template_id=1528886 output_format=pdf policy_id=1772919

Context Example

{

"Qualys": {

"Report": {

"DATETIME": "2021-12-20T12:00:19Z",

"ID": "10789035",

"TEXT": "New report launched"

}

}

}

Human Readable Output

Policy Report Launch

DATETIME	ID	TEXT
2021-12-20T12:00:19Z	10789035	New report launched

qualys-ip-restricted-list

---

Get the list of restricted IPs within the user's subscription.

Base Command

qualys-ip-restricted-list

Input

Argument Name	Description	Required
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.Restricted.Address	unknown	List of the restricted IPs.
Qualys.Restricted.Range	unknown	List of the restricted IPs.

Command Example

!qualys-ip-restricted-list

Context Example

{

"Qualys": {

"Restricted": {

"Address": "1.9.3.6"

}

}

}

Human Readable Output

Current Status: disabled

ip
1.9.3.6

qualys-ip-restricted-manage

---

Get the list of restricted IPs within the user's subscription.

Base Command

qualys-ip-restricted-manage

Input

Argument Name	Description	Required
action	activate - enable or disable the restricted IPs feature. clear - clear all restricted IPs and de-active this feature. add - add restricted IPs. delete - delete restricted IPs. replace - replace restricted IPs. Possible values are: activate, clear, add, delete, replace.	Required
enable	Enable or disable the restricted IPs list. set enable=1 to enable the list; set enable=0 to clear any IPs in the list and disable the feature. Possible values are: 0, 1.	Optional
ips	The hosts you want to add to, remove from or replace in the restricted IPs list. How to specify IP addresses. One or more IPs/ranges may be specified. Multiple IPs/ranges are comma separated. An IP range is specified with a hyphen (for example, 10.10.30.1-10.10.30.50).	Optional

Context Output

Path	Type	Description
Qualys.Restricted.Manage.TEXT	unknown	Action result message.
Qualys.Restricted.Manage.DATETIME	unknown	Date & time of the action.
Qualys.Restricted.Manage.ITEM_LIST.ITEM.VALUE	unknown	Status of the restricted ips feature.

Command Example

!qualys-ip-restricted-manage action=add ips=5.2.8.9

Context Example

{

"Qualys": {

"Restricted": {

"Manage": {

"DATETIME": "2021-05-30T08:53:19Z",

"ITEM_LIST": {

"ITEM": {

"KEY": "STATUS",

"VALUE": "disabled"

}

},

"TEXT": "Successfully added restricted ips"

}

}

}

}

Human Readable Output

Successfully added restricted ips

qualys-schedule-scan-create

---

Create a scan schedule in the user’s account.

Base Command

qualys-schedule-scan-create

Input

Argument Name	Description	Required
scan_title	The scan title.	Required
ip	A comma-separated list of IP addresses/ranges to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
asset_group_ids	A comma-separated list of IDs of asset groups containing the hosts to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
asset_groups	A comma-separated list of titles of asset groups containing the hosts to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
option_title	The title of the compliance option profile to be used.	Required
frequency_days	The frequency (days) in which the scan occurs. The value is between 1-365. For example: '1' indicates that the schedule will occur every day. '2' indicates that the schedule will occur every 2 days. At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
frequency_weeks	The frequency (weeks) in which the scan occurs. The value is between 1-52. For example: '1' indicates that the schedule will occur every week. '2' indicates that the schedule will occur every 2 weeks. The argument 'weekdays' is required when frequency_weeks is given. Scan will occur only on specified days given in the 'weekdays' argument. At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
frequency_months	The frequency (months) in which the scan occurs. The value is between 1-12. For example: '1' indicates that the schedule will occur every month. '2' indicates that the schedule will occur every 2 months. Either the argument 'day_of_month' or the arguments 'day_of_week' and 'week_of_month' are required when frequency_months is given. The scan will occur only on specified days given in those arguments At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
weekdays	A comma-separated list of the days when the scan will occur each week. Required when 'frequency_weeks' is given. For example: weekdays='sunday,tuesday' along with 'frequency_weeks=2' means the scan will occur on Sunday and Tuesday every two weeks. Possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday.	Optional
day_of_month	Day of the month the monthly schedule will run on. The value is between 1-31 depending on the month. Only relevant when 'frequency_months' value was given. For example: day_of_month=15 along with frequency_months=2 will result in the scan running every 2 months on the 15th of the month.	Optional
day_of_week	Day of week that the schedule will run on. The value is between 0-6, where 0 is Sunday, and 6 is Saturday depending on the month. Only relevant when 'frequency_months' value was given. Must be used with 'week_of_month' as well. For example: day_of_week=2, week_of_month=second along with frequency_months=2 will result in the scan running every 2 months on Tuesday in the second week of the month. Possible values are: 0, 1, 2, 3, 4, 5, 6.	Optional
week_of_month	Comma-separated list of the days of the week that the schedule will run on. The value is between 0-6, where 0 is Sunday, and 6 is Saturday depending on the month. Only relevant when 'frequency_months' value was given. Must be used with 'week_of_month' as well. For example: day_of_week=2, week_of_month=second along with frequency_months=2 will result in the scan running every 2 months on Tuesday in the second week of the month. Possible values are: first, second, third, fourth, last.	Optional
start_date	The start date of the schedule in the format of mm/dd/yyyy. For example: 12/15/2020.	Required
start_hour	The start hour of the scheduled scan. Required when 'start_date' is given. The value is between 0-23.	Required
start_minute	The start minute of the scheduled scan. Required when 'start_date' is given. The value is between 0-59.	Required
time_zone_code	Time zone code of the given scheduled scan. For example: US-CA for California time zone in the US. Required when 'start_date' is given.	Required
observe_dst	Whether to observe Daylight Saving Time (DST). Required when start_date is given. This parameter is valid when the time zone code specified in time_zone_code supports DST. To get the list of time zones and their DST support, use the qualys-time-zone-code command. Possible values are: yes, no.	Optional
exclude_ip_per_scan	A comma-separated list of IP addresses/ranges to be excluded from the scan when the scan target is specified as IP addresses (not asset tags). One of the following parameters must be set: 'scanners_in_ag', 'default_scanner'.	Optional
default_scanner	Specify 1 to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user’s account. At most, one of these parameters can be supplied: 'scanners_in_ag', 'default_scanner'. Possible values are: 0, 1.	Optional
scanners_in_ag	Specify 1 to distribute the scan to the target asset groups’ scanner appliances. Appliances in each asset group are tasked with scanning the IPs in the group. By default, up to 5 appliances per group will be used and this can be configured for your account (contact your Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user’s account. At most, one of these parameters can be supplied: 'scanners_in_ag', 'default_scanner'. Possible values are: 0, 1.	Optional
target_from	Specify "assets" (the default) when your scan target will include IP addresses/ranges and/or asset groups. Specify "tags" when your scan target will include asset tags.	Optional
tag_include_selector	Select "any" (the default) to include hosts that match at least one of the selected tags. Select "all" to include hosts that match all of the selected tags.	Optional
tag_exclude_selector	Select "any" (the default) to exclude hosts that match at least one of the selected tags. Select "all" to exclude hosts that match all of the selected tags.	Optional
tag_set_by	Specify "id" (the default) to select a tag set by providing tag IDs. Specify "name" to select a tag set by providing tag names.	Optional
tag_set_include	Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
use_ip_nt_range_tags_include	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected.	Optional
use_ip_nt_range_tags_exclude	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to exclude all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected.	Optional

Context Output

Path	Type	Description
Qualys.ScheduleScan.ID	String	ID of the new scheduled scan.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scheduled scan creation.

Command Example

!qualys-schedule-scan-create option_title="Initial Options" scan_title="TestScheduleScan123" start_date=12/15/2023 start_hour=2 start_minute=2 time_zone_code=US-CA asset_group_ids=493238 frequency_days=1 default_scanner=1

Context Example

{

"Qualys": {

"ScheduleScan": {

"DATETIME": "2021-12-20T12:02:25Z",

"ID": "783970",

"TEXT": "New scan scheduled successfully"

}

}

}

Human Readable Output

Schedule Scan Create

DATETIME	ID	TEXT
2021-12-20T12:02:25Z	783970	New scan scheduled successfully

qualys-schedule-scan-update

---

Updates a scan schedule in the user’s account.

Base Command

qualys-schedule-scan-update

Input

Argument Name	Description	Required
id	The scan ID to update. The ID can be retrieved by running the 'qualys-schedule-scan-list' command, and using the ID field.	Required
scan_title	The scan title.	Optional
ip	A comma-separated list of IP addresses/ranges to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
asset_group_ids	A comma-separated list of IDs of asset groups containing the hosts to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
asset_groups	A comma-separated list of titles of asset groups containing the hosts to be scanned. At most, one of these parameters can be supplied: ip, asset_groups or asset_group_ids.	Optional
frequency_days	The frequency (days) in which the scan occurs. The value is between 1-365. For example: '1' indicates that the schedule will occur every day. '2' indicates that the schedule will occur every 2 days. At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
frequency_weeks	The frequency (weeks) in which the scan occurs. The value is between 1-52. For example: '1' indicates that the schedule will occur every week. '2' indicates that the schedule will occur every 2 weeks. The argument 'weekdays' is required when frequency_weeks is given. Scan will occur only on specified days given in the 'weekdays' argument. At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
frequency_months	The frequency (months) in which the scan occurs. The value is between 1-12. For example: '1' indicates that the schedule will occur every month. '2' indicates that the schedule will occur every 2 months. Either the argument 'day_of_month' or the arguments 'day_of_week' and 'week_of_month' are required when frequency_months is given. The scan will occur only on specified days given in those arguments At most, one of these parameters can be supplied: 'frequency_days', 'frequency_weeks', 'frequency_months'.	Optional
weekdays	A comma-separated list of the days when the scan will occur each week. Required when 'frequency_weeks' is given. For example: weekdays='sunday,tuesday' along with 'frequency_weeks=2' means the scan will occur on Sunday and Tuesday every two weeks. Possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday.	Optional
day_of_month	Day of the month the monthly schedule will run on. The value is between 1-31 depending on the month. Only relevant when 'frequency_months' value was given. For example: day_of_month=15 along with frequency_months=2 will result in the scan running every 2 months on the 15th of the month.	Optional
day_of_week	Day of week that the schedule will run on. The value is between 0-6, where 0 is Sunday, and 6 is Saturday depending on the month. Only relevant when 'frequency_months' value was given. Must be used with 'week_of_month' as well. For example: day_of_week=2, week_of_month=second along with frequency_months=2 will result in the scan running every 2 months on Tuesday in the second week of the month. Possible values are: 0, 1, 2, 3, 4, 5, 6.	Optional
week_of_month	Comma-separated list of the days of the week that the schedule will run on. The value is between 0-6, where 0 is Sunday, and 6 is Saturday depending on the month. Only relevant when 'frequency_months' value was given. Must be used with 'week_of_month' as well. For example: day_of_week=2, week_of_month=second along with frequency_months=2 will result in the scan running every 2 months on Tuesday in the second week of the month. Possible values are: first, second, third, fourth, last.	Optional
start_date	The start date of the schedule in the format of mm/dd/yyyy. For example: 12/15/2020.	Optional
start_hour	The start hour of the scheduled scan. Required when 'start_date' is given. The value is between 0-23.	Optional
start_minute	The start minute of the scheduled scan. Required when 'start_date' is given. The value is between 0-59.	Optional
time_zone_code	Time zone code of the given scheduled scan. For example: US-CA for California time zone in the US. Required when 'start_date' is given.	Optional
observe_dst	Whether to observe Daylight Saving Time (DST). Required when start_date is given. This parameter is valid when the time zone code specified in time_zone_code supports DST. To get the list of time zones and their DST support, use the qualys-time-zone-code command. Possible values are: yes, no.	Optional
exclude_ip_per_scan	A comma-separated list of IP addresses/ranges to be excluded from the scan when the scan target is specified as IP addresses (not asset tags). One of the following parameters must be set: 'scanners_in_ag', 'default_scanner'.	Optional
default_scanner	Specify 1 to use the default scanner in each target asset group. For an Express Lite user, Internal Scanning must be enabled in the user’s account. At most, one of these parameters can be supplied: 'scanners_in_ag', 'default_scanner'. Possible values are: 0, 1.	Optional
scanners_in_ag	Specify 1 to distribute the scan to the target asset groups’ scanner appliances. Appliances in each asset group are tasked with scanning the IPs in the group. By default, up to 5 appliances per group will be used and this can be configured for your account (contact your Account Manager or Support). For an Express Lite user, Internal Scanning must be enabled in the user’s account. At most, one of these parameters can be supplied: 'scanners_in_ag', 'default_scanner'. Possible values are: 0, 1.	Optional
active	Whether the scheduled scan is activated. Possible values are: 0, 1.	Optional
target_from	Specify "assets" (the default) when your scan target will include IP addresses/ranges and/or asset groups. Specify "tags" when your scan target will include asset tags.	Optional
tag_include_selector	Select "any" (the default) to include hosts that match at least one of the selected tags. Select "all" to include hosts that match all of the selected tags.	Optional
tag_exclude_selector	Select "any" (the default) to exclude hosts that match at least one of the selected tags. Select "all" to exclude hosts that match all of the selected tags.	Optional
tag_set_by	Specify "id" (the default) to select a tag set by providing tag IDs. Specify "name" to select a tag set by providing tag names.	Optional
tag_set_include	Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
tag_set_exclude	Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag names or IDs. Multiple entries are comma separated.	Optional
use_ip_nt_range_tags_include	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to scan all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected.	Optional
use_ip_nt_range_tags_exclude	Specify “0” (the default) to select from all tags (tags with any tag rule). Specify “1” to exclude all IP addresses defined in the tag selection. When this is specified, only tags with the dynamic IP address rule called “IP address in Network Range(s)” can be selected.	Optional

Context Output

Path	Type	Description
Qualys.ScheduleScan.ID	String	ID of the scheduled scan to be updated.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scheduled scan update.

Command Example

!qualys-schedule-scan-update id=783969 active=0

Context Example

{

"Qualys": {

"ScheduleScan": {

"DATETIME": "2021-12-20T12:02:28Z",

"ID": "783969",

"TEXT": "Edit scheduled scan Completed successfully"

}

}

}

Human Readable Output

Schedule Scan Update

DATETIME	ID	TEXT
2021-12-20T12:02:28Z	783969	Edit scheduled scan Completed successfully

qualys-asset-group-add

---

Create a new asset group.

Base Command

qualys-asset-group-add

Input

Argument Name	Description	Required
title	The asset group title to add.	Required
network_id	Restrict the request to a certain custom network ID.	Optional
ips	A comma-separated list of IP address/ranges to add to an asset group. An IP range is specified with a hyphen (for example, 10.10.10.1-10.10.10.100).	Optional
domains	A comma-separated list of domains to add to an asset group. Do not enter "www." at the start of the domain name.	Optional
dns_names	A comma-separated list of DNS names to add to an asset group.	Optional
netbios_names	A comma-separated list of NETBIOS names to add to an asset group.	Optional
cvss_enviro_td	The CVSS environment target distribution to add. Possible values are: high, medium, low, none.	Optional
cvss_enviro_cr	The CVSS environment confidentiality requirement to add. Possible values are: high, medium, low.	Optional
cvss_enviro_ir	The CVSS environment integrity requirement to add. Possible values are: high, medium, low.	Optional
cvss_enviro_ar	The CVSS environment availability requirement to add. Possible values are: high, medium, low.	Optional
appliance_ids	A comma-separated list of appliance IDs to add to an asset group.	Optional

Context Output

Path	Type	Description
Qualys.AssetGroup.ID	String	Asset group ID.
Qualys.AssetGroup.DATETIME	Date	Date the command was executed.
Qualys.AssetGroup.TEXT	String	Qualys response for the asset group creation.

Command Example

!qualys-asset-group-add title=Test-Asset-Group123 ips="1.1.1.1"

Context Example

{

"Qualys": {

"AssetGroup": {

"DATETIME": "2021-12-20T12:02:07Z",

"ID": "2886259",

"TEXT": "Asset Group successfully added."

}

}

}

Human Readable Output

Asset Group Add

DATETIME	ID	TEXT
2021-12-20T12:02:07Z	2886259	Asset Group successfully added.

qualys-asset-group-edit

---

Update an asset group.

Base Command

qualys-asset-group-edit

Input

Argument Name	Description	Required
set_title	The new asset group title.	Optional
id	The ID of the asset group to edit. The ID of asset groups can be retrieved via running the qualys-group-list command and using its ID field.	Required
add_ips	A comma-separated list of IP address/ranges to add to an asset group. An IP range is specified with a hyphen (for example, 10.10.10.1-10.10.10.100).	Optional
set_ips	A comma-separated list of IP address/ranges of an asset group to set. An IP range is specified with a hyphen (for example, 10.10.10.1-10.10.10.100).	Optional
remove_ips	A comma-separated list of IP addresses/ranges to remove from an asset group. An IP range is specified with a hyphen (for example, 10.10.10.1-10.10.10.100).	Optional
add_domains	A comma-separated list of domains to add to an asset group. Do not enter "www." at the start of the domain name.	Optional
set_domains	A comma-separated list of domains of an asset group to set. Do not enter "www." at the start of the domain name.	Optional
remove_domains	A comma-separated list of domains to remove from an asset group. Do not enter "www." at the start of the domain name.	Optional
add_dns_names	A comma-separated list of DNS names to add to an asset group.	Optional
set_dns_names	A comma-separated list of DNS names of asset group to set.	Optional
remove_dns_names	A comma-separated list of DNS names to remove from an asset group.	Optional
add_netbios_names	A comma-separated list of NETBIOS names to add to an asset group.	Optional
set_netbios_names	A comma-separated list of NETBIOS names of an asset group to set.	Optional
remove_netbios_names	A comma-separated list of NETBIOS names to delete from an asset group.	Optional
set_cvss_enviro_td	The CVSS environment target distribution to set. Possible values are: high, medium, low, none.	Optional
set_cvss_enviro_cr	The CVSS environment confidentiality requirement to set. Possible values are: high, medium, low.	Optional
set_cvss_enviro_ir	The CVSS environment integrity requirement to set. Possible values are: high, medium, low.	Optional
set_cvss_enviro_ar	The CVSS environment availability requirement to set. Possible values are: high, medium, low.	Optional
add_appliance_ids	A comma-separated list of appliance IDs to add to an asset group.	Optional
set_appliance_ids	A comma-separated list of appliance IDs of an asset group to set.	Optional
remove_appliance_ids	A comma-separated list of appliance IDs to remove from an asset group.	Optional

Context Output

Path	Type	Description
Qualys.AssetGroup.ID	String	Asset group ID.
Qualys.AssetGroup.DATETIME	Date	Date the command was executed.
Qualys.AssetGroup.TEXT	String	Qualys response for the asset group update.

Command Example

!qualys-asset-group-edit id=2886258 add_ips="1.1.1.1"

Context Example

{

"Qualys": {

"AssetGroup": {

"DATETIME": "2021-12-20T12:02:13Z",

"ID": "2886258",

"TEXT": "Asset Group Updated Successfully"

}

}

}

Human Readable Output

Asset Group Edit

DATETIME	ID	TEXT
2021-12-20T12:02:13Z	2886258	Asset Group Updated Successfully

qualys-asset-group-delete

---

Delete an asset group.

Base Command

qualys-asset-group-delete

Input

Argument Name	Description	Required
id	Asset group ID to delete. ID of asset groups can be retrieved via running the qualys-group-list command and using its ID field.	Required

Context Output

Path	Type	Description
Qualys.AssetGroup.ID	String	Asset group ID.
Qualys.AssetGroup.DATETIME	Date	Date the command was executed.
Qualys.AssetGroup.TEXT	String	Qualys response for the asset group deletion.

Command Example

!qualys-asset-group-delete id=2886258

Context Example

{

"Qualys": {

"AssetGroup": {

"DATETIME": "2021-12-20T12:02:20Z",

"ID": "2886258",

"TEXT": "Asset Group Deleted Successfully"

}

}

}

Human Readable Output

Asset Group Delete

DATETIME	ID	TEXT
2021-12-20T12:02:20Z	2886258	Asset Group Deleted Successfully

qualys-schedule-scan-delete

---

Delete a scheduled scan.

Base Command

qualys-schedule-scan-delete

Input

Argument Name	Description	Required
id	Scheduled Scan ID to delete. The ID can be retrieved via running the qualys-schedule-scan-list command, and using the ID field.	Required

Context Output

Path	Type	Description
Qualys.ScheduleScan.ID	String	ID of the scheduled scan to be deleted.
Qualys.ScheduleScan.DATETIME	Date	Date the command was executed.
Qualys.ScheduleScan.TEXT	String	Qualys response for the scheduled scan deletion.

Command Example

!qualys-schedule-scan-delete id=783969

Context Example

{

"Qualys": {

"ScheduleScan": {

"DATETIME": "2021-12-20T12:02:31Z",

"ID": "783969",

"TEXT": "Schedule scan deleted successfully"

}

}

}

Human Readable Output

Schedule Scan Delete

DATETIME	ID	TEXT
2021-12-20T12:02:31Z	783969	Schedule scan deleted successfully

qualys-time-zone-code

---

Gets a list of the supported time zone codes.

Base Command

qualys-time-zone-code

Input

Argument Name	Description	Required

Context Output

Path	Type	Description
Qualys.TimeZone.DST_SUPPORTED	String	Whether Daylight Saving Time (DST) is supported.
Qualys.TimeZone.TIME_ZONE_CODE	String	Time zone code.
Qualys.TimeZone.TIME_ZONE_DETAILS	String	Timezone code details.

Command Example

!qualys-time-zone-code

Context Example

{

"Qualys": {

"TimeZone": [

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "AS",

"TIME_ZONE_DETAILS": "(GMT -11:00) American Samoa"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "UM2",

"TIME_ZONE_DETAILS": "(GMT -11:00) Midway Islands (U.S.)"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "NU",

"TIME_ZONE_DETAILS": "(GMT -11:00) Niue"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "CK",

"TIME_ZONE_DETAILS": "(GMT -10:00) Cook Islands"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "PF2A",

"TIME_ZONE_DETAILS": "(GMT -10:00) French Polynesia, Austral Islands"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "PF",

"TIME_ZONE_DETAILS": "(GMT -10:00) French Polynesia, Society Islands (including Tahiti)"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "PF2B",

"TIME_ZONE_DETAILS": "(GMT -10:00) French Polynesia, Tuamotu Archipelago"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "UM1",

"TIME_ZONE_DETAILS": "(GMT -10:00) Johnston Atoll (U.S.)"

},

{

"DST_SUPPORTED": "1",

"TIME_ZONE_CODE": "US-AK1",

"TIME_ZONE_DETAILS": "(GMT -10:00) United States, Alaska (Aleutian Islands)"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "US-HI",

"TIME_ZONE_DETAILS": "(GMT -10:00) United States, Hawaii"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "PF1",

"TIME_ZONE_DETAILS": "(GMT -09:30) French Polynesia, Marquesas Islands"

},

{

"DST_SUPPORTED": "0",

"TIME_ZONE_CODE": "PF3",

"TIME_ZONE_DETAILS": "(GMT -09:00) French Polynesia, Gambier Islands"

},

{

"DST_SUPPORTED": "1",

"TIME_ZONE_CODE": "US-AK",

"TIME_ZONE_DETAILS": "(GMT -09:00) United States, Alaska"

},

{

"DST_SUPPORTED": "1",

"TIME_ZONE_CODE": "CA-BC",

"TIME_ZONE_DETAILS": "(GMT -08:00) Canada, British Columbia (Pacific Standard Time)"

}

]

}

}

Human Readable Output

Time Zone Codes

DST_SUPPORTED	TIME_ZONE_CODE	TIME_ZONE_DETAILS
0	AS	(GMT -11:00) American Samoa
0	UM2	(GMT -11:00) Midway Islands (U.S.)
0	NU	(GMT -11:00) Niue
0	CK	(GMT -10:00) Cook Islands
0	PF2A	(GMT -10:00) French Polynesia, Austral Islands
0	PF	(GMT -10:00) French Polynesia, Society Islands (including Tahiti)
0	PF2B	(GMT -10:00) French Polynesia, Tuamotu Archipelago
0	UM1	(GMT -10:00) Johnston Atoll (U.S.)
1	US-AK1	(GMT -10:00) United States, Alaska (Aleutian Islands)
0	US-HI	(GMT -10:00) United States, Hawaii
0	PF1	(GMT -09:30) French Polynesia, Marquesas Islands
0	PF3	(GMT -09:00) French Polynesia, Gambier Islands
1	US-AK	(GMT -09:00) United States, Alaska
1	CA-BC	(GMT -08:00) Canada, British Columbia (Pacific Standard Time)

qualys-host-list-detection

---

Get a list of hosts with the hosts latest vulnerability data. The list is based on the host based scan data available in the user’s account.

Base Command

qualys-host-list-detection

Input

Argument Name	Description	Required
ids	A comma-separated list of host IDs/ranges. A host ID range is specified with a hyphen (for example, 190-400). Valid host IDs are required.	Optional
ips	A comma-separated list of host IP addresses/ranges. An IP address range is specified with a hyphen (for example, 10.10.30.1-10.10.30.50).	Optional
qids	A comma-separated list of valid detection record QIDs. A range is specified with a dash (for example, 68518-68522).	Optional
severities	A comma-separated list of severity levels. A range is specified with a dash (for example, 1-5 where 1 is low and 5 is high).	Optional
use_tags	Specify 0 (the default) to select hosts based on IP addresses/ranges and/or asset groups. Specify 1 to select hosts based on asset tags. Possible values are: 0, 1.	Optional
tag_set_by	(Optional when use_tags=1) Specify “id” (the default) to select a tag set by providing tag IDs. Specify “name” to select a tag set by providing tag names. Possible values are: id, name.	Optional
tag_include_selector	(Optional when use_tags=1) Specify “any” (the default) to include hosts that match at least one of the selected tags. Specify “all” to include hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_exclude_selector	(Optional when use_tags=1) Specify “any” (the default) to exclude hosts that match at least one of the selected tags. Specify “all” to exclude hosts that match all of the selected tags. Possible values are: any, all.	Optional
tag_set_include	(Optional when use_tags=1) Specify a comma-separated list of tag names or IDs to include hosts that match these tags.	Optional
tag_set_exclude	(Optional when use_tags=1) Specify a comma-separated list of tag names or IDs for which to exclude hosts that match the tags.	Optional
detection_processed_before	Specify the date before which to retrieve detections vulnerability scan results that were processed. Specify the date in YYYY-MMDD[THH:MM:SSZ] format (UTC/GMT), for example, “2016-09-12” or “2016-09-12T23:15:00Z”.	Optional
detection_processed_after	Specify the date after which to retrieve detections vulnerability scan results that were processed. Specify the date in YYYY-MMDD[THH:MM:SSZ] format (UTC/GMT), for example, “2016-09-12” or “2016-09-12T23:15:00Z”.	Optional
vm_scan_since	Show hosts that were last scanned for vulnerabilities since the specified date and time (optional). Hosts that were the target of a vulnerability scan since the date/time will be shown. Date/time is specified in the following format: YYYY-MM-DD[THH:MM:SSZ] (UTC/GMT). Permissions: An Auditor cannot specify this parameter.	Optional
no_vm_scan_since	Show hosts not scanned since the specified date and time (optional). The date/time is specified in the following format: YYYY-MMDD[THH:MM:SSZ] format (UTC/GMT), for example, “2007-07-01” or “2007-01-25T23:12:00Z”. Permissions - An Auditor cannot specify this parameter.	Optional
truncation_limit	Specify the maximum number of host records processed per request. When not specified, the truncation limit is set to 1000 host records. You may specify a value less than the default (1-999) or greater than the default (1001-1000000).	Optional

Context Output

Path	Type	Description
Qualys.HostDetections.ID	String	Host detection ID.
Qualys.HostDetections.IP	String	Host detection IP address.
Qualys.HostDetections.TRACKING_METHOD	String	Tracking method.
Qualys.HostDetections.OS	String	Host operating system.
Qualys.HostDetections.DNS	String	Host DNS.
Qualys.HostDetections.DNS_DATA.HOSTNAME	String	DNS data host name.
Qualys.HostDetections.DNS_DATA.DOMAIN	Unknown	DNS data domain.
Qualys.HostDetections.DNS_DATA.FQDN	Unknown	DNS data FQDN.
Qualys.HostDetections.NETBIOS	String	Netbios.
Qualys.HostDetections.QG_HOSTID	String	QG host ID.
Qualys.HostDetections.LAST_SCAN_DATETIME	Date	Last scan date.
Qualys.HostDetections.LAST_VM_SCANNED_DATE	Date	Last VM scan date.
Qualys.HostDetections.LAST_VM_SCANNED_DURATION	String	Last VM scan duration.
Qualys.HostDetections.LAST_PC_SCANNED_DATE	Date	Last PC scan date.
Qualys.HostDetections.DETECTION_LIST.DETECTION.QID	String	Detection QID.
Qualys.HostDetections.DETECTION_LIST.DETECTION.TYPE	String	Detection type.
Qualys.HostDetections.DETECTION_LIST.DETECTION.SEVERITY	String	Detection severity.
Qualys.HostDetections.DETECTION_LIST.DETECTION.SSL	String	Detection SSL.
Qualys.HostDetections.DETECTION_LIST.DETECTION.RESULTS	String	Detection results.
Qualys.HostDetections.DETECTION_LIST.DETECTION.STATUS	String	Detection status.
Qualys.HostDetections.DETECTION_LIST.DETECTION.FIRST_FOUND_DATETIME	Date	Date detection was first found.
Qualys.HostDetections.DETECTION_LIST.DETECTION.LAST_FOUND_DATETIME	Date	Date detection was last found.
Qualys.HostDetections.DETECTION_LIST.DETECTION.TIMES_FOUND	String	Number of times detection was found.
Qualys.HostDetections.DETECTION_LIST.DETECTION.LAST_TEST_DATETIME	Date	Date detection was last tested.
Qualys.HostDetections.DETECTION_LIST.DETECTION.LAST_UPDATE_DATETIME	Date	Date detection was last updated.
Qualys.HostDetections.DETECTION_LIST.DETECTION.IS_IGNORED	String	Whether detection is ignored.
Qualys.HostDetections.DETECTION_LIST.DETECTION.IS_DISABLED	String	Whether detection is disabled.
Qualys.HostDetections.DETECTION_LIST.DETECTION.LAST_PROCESSED_DATETIME	Date	Date detection was last processed.
Qualys.HostDetections.DETECTION_LIST.DETECTION.PORT	String	Detection port.
Qualys.HostDetections.DETECTION_LIST.DETECTION.PROTOCOL	String	Detection protocol.
Qualys.HostDetections.DETECTION_LIST.DETECTION.QDS	Object	Detection score.
Qualys.HostDetections.DETECTION_LIST.DETECTION.QDS_FACTORS	Object	Factors affecting detection score.

Command example

!qualys-host-list-detection truncation_limit=2

Context Example

{

"Qualys": {

"HostDetections": [

{

"DETECTION_LIST": {

"DETECTION": [

{

"FIRST_FOUND_DATETIME": "2017-06-08T09:17:08Z",

"IS_DISABLED": "0",

"IS_IGNORED": "0",

"LAST_FOUND_DATETIME": "2018-10-25T19:13:11Z",

"LAST_PROCESSED_DATETIME": "2018-10-25T19:13:37Z",

"LAST_TEST_DATETIME": "2018-10-25T19:13:11Z",

"LAST_UPDATE_DATETIME": "2018-10-25T19:13:37Z",

"PORT": "3389",

"PROTOCOL": "tcp",

"QDS": {

"#text": "25",

"@severity": "LOW"

},

"QDS_FACTORS": {

"QDS_FACTOR": [

{

"#text": "No_Patch",

"@name": "RTI"

},

{

"#text": "2.6",

"@name": "CVSS"

},

]

},

"QID": "38170",

"RESULTS": "Certificate #0 CN=WIN-2IDQKTU63RC (WIN-2IDQKTU63RC) doesn&apos;t resolve",

"SEVERITY": "2",

"SSL": "1",

"STATUS": "Active",

"TIMES_FOUND": "396",

"TYPE": "Confirmed"

},

{

"FIRST_FOUND_DATETIME": "2017-06-08T09:17:08Z",

"IS_DISABLED": "0",

"IS_IGNORED": "0",

"LAST_FOUND_DATETIME": "2018-10-25T19:13:11Z",

"LAST_PROCESSED_DATETIME": "2018-10-25T19:13:37Z",

"LAST_TEST_DATETIME": "2018-10-25T19:13:11Z",

"LAST_UPDATE_DATETIME": "2018-10-25T19:13:37Z",

"PORT": "3389",

"PROTOCOL": "tcp",

"QID": "38173",

"RESULTS": "Certificate #0 CN=WIN-2IDQKTU63RC unable to get local issuer certificate",

"SEVERITY": "2",

"SSL": "1",

"STATUS": "Active",

"TIMES_FOUND": "396",

"TYPE": "Confirmed"

},

]

},

"DNS": "xxx",

"DNS_DATA": {

"DOMAIN": null,

"FQDN": null,

"HOSTNAME": "xxx"

},

"ID": "123",

"IP": "1.1.1.1",

"LAST_PC_SCANNED_DATE": "2018-07-08T22:03:23Z",

"LAST_SCAN_DATETIME": "2018-10-25T19:13:37Z",

"LAST_VM_SCANNED_DATE": "2018-10-25T19:13:11Z",

"LAST_VM_SCANNED_DURATION": "1083",

"NETBIOS": "WIN-2IDQKTU63RC",

"OS": "Windows 2008 R2/7",

"QG_HOSTID": "a30ba2e0-1e90-4f16-b755-2db8f44b67a7",

"TRACKING_METHOD": "EC2"

},

{

"DETECTION_LIST": {

"DETECTION": [

{

"FIRST_FOUND_DATETIME": "2018-05-14T13:54:45Z",

"IS_DISABLED": "0",

"IS_IGNORED": "0",

"LAST_FOUND_DATETIME": "2018-10-25T19:11:35Z",

"LAST_PROCESSED_DATETIME": "2018-10-25T19:12:25Z",

"LAST_TEST_DATETIME": "2018-10-25T19:11:35Z",

"LAST_UPDATE_DATETIME": "2018-10-25T19:12:25Z",

"QID": "70000",

"RESULTS": "AMAZON-544DB96A",

"SEVERITY": "2",

"SSL": "0",

"STATUS": "Active",

"TIMES_FOUND": "59",

"TYPE": "Confirmed"

},

{

"FIRST_FOUND_DATETIME": "2018-05-14T13:54:45Z",

"IS_DISABLED": "0",

"IS_IGNORED": "0",

"LAST_FOUND_DATETIME": "2018-10-25T19:11:35Z",

"LAST_PROCESSED_DATETIME": "2018-10-25T19:12:25Z",

"LAST_TEST_DATETIME": "2018-10-25T19:11:35Z",

"LAST_UPDATE_DATETIME": "2018-10-25T19:12:25Z",

"QID": "70001",

"RESULTS": "Device Name\tComment\tType\nIPC$\tRemote IPC\t-2147483645\nC$\tDefault share\t-2147483648\nADMIN$\tRemote Admin\t-2147483648",

"SEVERITY": "3",

"SSL": "0",

"STATUS": "Active",

"TIMES_FOUND": "59",

"TYPE": "Confirmed"

},

{

"FIRST_FOUND_DATETIME": "2018-05-14T13:54:45Z",

"IS_DISABLED": "0",

"IS_IGNORED": "0",

"LAST_FOUND_DATETIME": "2018-10-25T19:11:35Z",

"LAST_PROCESSED_DATETIME": "2018-10-25T19:12:25Z",

"LAST_TEST_DATETIME": "2018-10-25T19:11:35Z",

"LAST_UPDATE_DATETIME": "2018-10-25T19:12:25Z",

"QID": "90043",

"SEVERITY": "3",

"SSL": "0",

"STATUS": "Active",

"TIMES_FOUND": "59",

"TYPE": "Potential"

},

]

},

"DNS": "xxx",

"DNS_DATA": {

"DOMAIN": null,

"FQDN": null,

"HOSTNAME": "xxx"

},

"ID": "1234",

"IP": "1.1.1.1",

"LAST_PC_SCANNED_DATE": "2018-07-08T22:03:23Z",

"LAST_SCAN_DATETIME": "2018-10-25T19:12:25Z",

"LAST_VM_SCANNED_DATE": "2018-10-25T19:11:35Z",

"LAST_VM_SCANNED_DURATION": "987",

"NETBIOS": "AMAZON-544DB96A",

"OS": "Windows 2003 R2 Service Pack 2",

"QG_HOSTID": "8725d236-7f5b-41e1-b795-fa67e3adc108",

"TRACKING_METHOD": "EC2"

}

]

}

}

Human Readable Output

Host Detection List

ID	IP	DNS_DATA	38170	38173	38601	38628	38657	70000	90882
123	1.1.1.1	HOSTNAME: xxx	Certificate #0 CN=WIN-2IDQKTU63RC (WIN-2IDQKTU63RC) doesn't resolve	Certificate #0 CN=WIN-2IDQKTU63RC unable to get local issuer certificate	CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE TLSv1 WITH RC4 CIPHERS IS SUPPORTED RC4-MD5 RSA RSA MD5 RC4(128) MEDIUM RC4-SHA RSA RSA SHA1 RC4(128) MEDIUM TLSv1.1 WITH RC4 CIPHERS IS SUPPORTED RC4-MD5 RSA RSA MD5 RC4(128) MEDIUM RC4-SHA RSA RSA SHA1 RC4(128) MEDIUM TLSv1.2 WITH RC4 CIPHERS IS SUPPORTED RC4-MD5 RSA RSA MD5 RC4(128) MEDIUM RC4-SHA RSA RSA SHA1 RC4(128) MEDIUM	TLSv1.0 is supported	CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE TLSv1 WITH 64-BIT CBC CIPHERS IS SUPPORTED DES-CBC3-SHA RSA RSA SHA1 3DES(168) MEDIUM TLSv1.1 WITH 64-BIT CBC CIPHERS IS SUPPORTED DES-CBC3-SHA RSA RSA SHA1 3DES(168) MEDIUM TLSv1.2 WITH 64-BIT CBC CIPHERS IS SUPPORTED DES-CBC3-SHA RSA RSA SHA1 3DES(168) MEDIUM	WIN-2IDQKTU63RC	RDP Supported Encryption methods: RC4(40 bit),RC4(56 bit)

Host Detection List

ID	IP	DNS_DATA	70000	70001	90882	90883	105500	105501	105632
1234	1.1.1.1	HOSTNAME: xxx	AMAZON-544DB96A	Device Name Comment Type IPC$ Remote IPC -2147483645 C$ Default share -2147483648 ADMIN$ Remote Admin -2147483648	RDP Supported Encryption methods: RC4(40 bit),RC4(56 bit)	RDP Public key is 512 bits long.	QID: 105500 detected on port 3389 over TCP.	QID: 105501 detected on port 3389 over TCP.	EOL/Obsolete Operating System : Windows Server 2003 R2 Detected

qualys-host-update

---

Update host attributes using new update parameters.

Base Command

qualys-host-update

Input

Argument Name	Description	Required
ids	A comma-separated list of host IDs/ranges to update. A host ID range is specified with a hyphen (for example, 190-400). Valid host IDs are required. Either the ips or ids parameter must be supplied. IDs or IPs can be retrieved via running the qualys-host-list-detection command, using the ID field or IPs field.	Optional
ips	A comma-separated list of host IP addresses/ranges to add to, remove from or replace in the restricted IPs list. An IP range is specified with a hyphen (for example, 10.10.30.1-10.10.30.50). Either the ips or ids parameter must be supplied.	Optional
network_id	(Valid only when the Network Support feature is enabled for the user’s account.) The network ID of the custom network for which to restrict the request. When unspecified, defaults to Global Default Network.	Optional
host_dns	The DNS hostname for the IP you want to update. A single IP must be specified in the same request and the IP will only be updated if it matches the hostname specified.	Optional
host_netbios	The NetBIOS hostname for the IP you want to update. A single IP must be specified in the same request and the IP will only be updated if it matches the hostname specified.	Optional
tracking_method	Show only IP addresses/ranges which have a certain tracking method. Possible values are: IP, DNS, NETBIOS.	Optional
new_tracking_method	The new tracking method. Note - You cannot change the tracking method to EC2 or AGENT. If an IP is already tracked by EC2 or AGENT, you cannot change the tracking method to something else. Possible values are: IP, DNS, NETBIOS.	Optional
new_owner	The new owner of the host asset(s). The owner must be a Manager. Another user (Unit Manager, Scanner, Reader) can be the owner if the IP address is in the user’s account.	Optional
new_comment	The user-defined comments. Specify new comments for the host asset(s).	Optional
new_ud1	Change value for user-defined field 1. You can specify a maximum of 128 characters (ASCII) for each field value.	Optional
new_ud2	Change value for user-defined field 2. You can specify a maximum of 128 characters (ASCII) for each field value.	Optional
new_ud3	Change value for user-defined field 3. You can specify a maximum of 128 characters (ASCII) for each field value.	Optional

Context Output

Path	Type	Description
Qualys.Endpoint.Update.DATETIME	Date	Date the command was executed.
Qualys.Endpoint.Update.TEXT	String	Qualys response for the host update.

Command example

!qualys-host-update ids=35700896 new_comment=comment

Context Example

{

"Qualys": {

"Endpoint": {

"Update": {

"DATETIME": "2022-05-12T14:25:43Z",

"TEXT": "Assets successfully updated"

}

}

}

}

Human Readable Output

Assets successfully updated

qualys-update-unix-record

---

Update Unix records for authenticated scans of hosts running on Unix

Base Command

qualys-update-unix-record

Input

Argument Name	Description	Required
ids	Record IDs to update.	Required
add_ips	IPs specified will overwrite existing IPs in the record, and existing IPs will be removed.	Required

Context Output

There is no context output for this command.

qualys-asset-tag-list

---

List asset tags based on a search criteria.

Base Command

qualys-asset-tag-list

Input

Argument Name	Description	Required
criteria	Criteria field to search by predefined types. Possible values are: parent, provider, ruleType, name, id, criticalityScore.	Required
operator	Operator assigned to the search criteria.	Required
search_data	search content.	Required
limit	Automatic Pagination.	Optional

Context Output

Path	Type	Description
Qualys.AssetTags.id	Number	Parent asset tag ID.
Qualys.AssetTags.name	String	Parent asset tag name.
Qualys.AssetTags.criticality_score	Number	Criticality score assigned to the asset tag.
Qualys.AssetTags.chlid_id	Number	Child asset tags ID.
Qualys.AssetTags.chlid_id.child_name	String	Child asset tags name.
Qualys.AssetTags.tag_name.rule_type	String	Created tag rule type.
Qualys.AssetTags.tag_name.rule_text	String	Created tag rule text.

Command example

!qualys-asset-tag-list criteria=name operator=EQUALS search_data="example_tag"

Context Example

{

"Qualys": {

"AssetTags": {

"childTags": [

{

"id": "1",

"name": "child1"

},

{

"id": "2",

"name": "child2"

}

],

"created": "2022-11-29T12:54:52Z",

"criticalityScore": "3",

"id": "0",

"modified": "2022-11-29T12:54:52Z",

"name": "example_tag",

"ruleText": "example"

}

}

}

Human Readable Output

Tags identified by the specified filter

Id	Name	Criticality Score	Rule Text	Child Tags
0	example_tag	3	example	- id: 1 name: child1 - id: 2 name: child2

qualys-asset-tag-create

---

Create a new asset tag.

Base Command

qualys-asset-tag-create

Input

Argument Name	Description	Required
name	Name of the created tag.	Required
child_name	Names of the created child tags.	Optional
rule_type	Type of rule to dynamically tagging host. The Rule Type argument determines the type of the Rule Text argument that is acceptable. Possible values are: INSTALLED_SOFTWARE, NETWORK_RANGE, NAME_CONTAINS, OPEN_PORTS, VULN_EXIST, STATIC.	Required
rule_text	Criteria for the rule. Optional for STATIC rule type, required for the rest of the rule types. Acceptable formats for each Rule Type argument: NETWORK_RANGE - formats: IP Range OR IP Subnet Mask (Exmaple: 10.10.10.1-10.10.10.6 OR 10.10.10.0/24) VULN_EXIST(QID) - format: Number (Exmple: 12345) OPEN_PORTS - format: List of numbers (Exmaple: 443,888,12034) NAME_CONTAINS - format: REGEX (Exmaple: "/^example/") INSTALLED_SOFTWARE - format: REGEX (Exmaple: "/^example/") STATIC - RULE TEXT OPTIONAL	Optional
criticality_score	Criticality score of the asset tag. Values between 1 (lowest) and 5 (highest).	Optional

Context Output

Path	Type	Description
Qualys.AssetTags.id	String	Parent asset tag ID.
Qualys.AssetTags.name	String	Parent asset tag name.
Qualys.AssetTags.criticality_score	Number	Criticality score assigned to the asset tag.
Qualys.AssetTags.chlid_id	Number	Child asset tags ID.
Qualys.AssetTags.chlid_id.child_name	String	Child asset tags name.
Qualys.AssetTags.tag_name.rule_type	String	Created tag rule type.
Qualys.AssetTags.tag_name.rule_text	String	Created tag rule text.

Command example

!qualys-asset-tag-create name=example_tag rule_type=STATIC rule_text="example" child_name=child1,child2 criticality_score=3

Context Example

{

"Qualys": {

"AssetTags": {

"childTags": [

{

"id": "1",

"name": "child2"

},

{

"id": "2",

"name": "child1"

}

],

"created": "2022-11-29T12:54:52Z",

"criticalityScore": "3",

"id": "0",

"modified": "2022-11-29T12:54:52Z",

"name": "example_tag",

"ruleText": "example"

}

}

}

Human Readable Output

Asset Tags Created

Id	Name	Criticality Score	Rule Text	Child Tags
0	example_tag	3	example	- id: 1 name: child2 - id: 2 name: child1

qualys-asset-tag-update

---

Update an existing asset tag.

Base Command

qualys-asset-tag-update

Input

Argument Name	Description	Required
id	ID of the tag to update.	Required
name	Name of the created tag.	Required
rule_type	Type of rule to dynamically tagging host. The Rule Type argument determines the type of the Rule Text argument that is acceptable. Possible values are: INSTALLED_SOFTWARE, NETWORK_RANGE, NAME_CONTAINS, OPEN_PORTS, VULN_EXIST, STATIC.	Required
rule_text	Criteria for the rule. Optional for STATIC rule type, required for the rest of the rule types. Acceptable formats for each Rule Type argument: NETWORK_RANGE - formats: IP Range OR IP Subnet Mask (Exmaple: 10.10.10.1-10.10.10.6 OR 10.10.10.0/24) VULN_EXIST(QID) - format: Number (Exmple: 12345) NAME_CONTAINS - format: REGEX (Exmaple: "/^example/") INSTALLED_SOFTWARE - format: REGEX (Exmaple: "/^example/") STATIC - RULE TEXT OPTIONAL	Optional
child_to_remove	Comma-separated list of child tag ID's to remove.	Optional
criticality_score	Criticality score of the asset tag. Values between 1 (lowest) and 5 (highest).	Optional

Context Output

There is no context output for this command.

Command example

!qualys-asset-tag-update name=example_tag_updated rule_type=STATIC rule_text="example" id=12345

Human Readable Output

Asset tag updated.

qualys-asset-tag-delete

---

Delete an existing asset tag.

Base Command

qualys-asset-tag-delete

Input

Argument Name	Description	Required
id	ID of the tag to delete.	Required

Context Output

There is no context output for this command.

Command example

!qualys-asset-tag-delete id=12345

Human Readable Output

Asset tag deleted.

qualys-update-vmware-record

---

Update Vmware records for authenticated scans of hosts running on Vmware.

Base Command

qualys-update-vmware-record

Input

Argument Name	Description	Required
ids	A comma-separated list of record IDs to update. Specify record IDs and/or ID ranges.	Required
add_ips	A comma-separated list of IPs and/or ranges to add to the IPs list for this record.	Required

Context Output

There is no context output for this command.

Command Example

!qualys-update-vmware-record ids=123 add_ips=5.2.8.9

Human Readable Output

Successfully Updated

qualys-update-vcenter-record

---

Update vCenter records for authenticated scans of hosts running on vCenter.

Base Command

qualys-update-vcenter-record

Input

Argument Name	Description	Required
ids	A comma-separated list of record IDs to update. Specify record IDs and/or ID ranges.	Required
add_ips	A comma-separated list of IPs and/or ranges to add to the IPs list for this record.	Required

Context Output

There is no context output for this command.

Command Example

!qualys-update-vmware-record ids=123 add_ips=5.2.8.9

Human Readable Output

Successfully Updated

qualys-vcenter-esxi-mapped-record-list

---

List VCenter ESXi mapping records.

Base Command

qualys-vcenter-esxi-mapped-record-list

Input

Argument Name	Description	Required
limit	Specify a positive numeric value to limit the amount of results in the requested list.	Optional

Context Output

Path	Type	Description
Qualys.VcenterToEsxi.ESXI_IP	unknown	The IP address of the ESXi server.
Qualys.VcenterToEsxi.MAPPING_DATA_SOURCE	unknown	The source of this mapping record.
Qualys.VcenterToEsxi.VCENTER_IP	unknown	The IP address of the vCenter.

Command Example

!qualys-vcenter-esxi-mapped-record-list

Context Example

{

"Qualys": {

"VcenterToEsxi": {

"ESXI_IP": "1.1.1.1",

"MAPPING_DATA_SOURCE": "File",

"VCENTER_IP": "1.1.1.3"

}

}

}

Human Readable Output

Vcenter ESXI IP List

ESXI_IP	MAPPING_DATA_SOURCE	VCENTER_IP
1.1.1.1	FILE	1.1.1.3

qualys-vcenter-esxi-mapped-record-import

---

Import vCenter - ESXi mapping records.

Base Command

qualys-vcenter-esxi-mapped-record-import

Input

Argument Name	Description	Required
csv_data	The CSV data file containing the vCenter - ESXi mapping records that you want to import.	Required

Context Output

There is no context output for this command.

Command Example

!qualys-vcenter-esxi-mapped-record-import csv_data=`vCenter IP,ESXi IP 1.1.1.1,1.1.1.2

Human Readable Output

Successfully imported 1 record

qualys-vcenter-esxi-mapped-record-purge

---

Purge vCenter - ESXi mapping records.

Base Command

qualys-vcenter-esxi-mapped-record-purge

Input

Argument Name	Description	Required
csv_data	The CSV data file containing the vCenter - ESXi mapping records that you want to purge.	Required

Context Output

There is no context output for this command.

Command Example

!qualys-vcenter-esxi-mapped-record-purge csv_data=`vCenter IP,ESXi IP 1.1.1.1,1.1.1.2

Human Readable Output

Successfully purged 1 record

qualys-get-events

---

Manual command to fetch events from Qualys and display them.

Base Command

qualys-get-events

Input

Argument Name	Description	Required
should_push_events	If true, the command will create events, otherwise it will only display them. Default is false.	Required
limit	Date to return results from.	Optional
since_datetime	Date to return results from.	Optional
offset	Offset which events to return.	Optional

Context Output

There is no context output for this command.

qualys-get-assets

---

Manual command to fetch assets from Qualys and display them.

Base Command

qualys-get-assets

Input

Argument Name	Description	Required
should_push_assets	If true, the command will create assets, otherwise it will only display the amount of available assets. Default is false.	Required

Context Output

There is no context output for this command.