182.254.169.166
{
"scan_id": 1770475284,
"ip": "182.254.169.166",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.254.160.0/19",
"postal_code": "",
"coordinates": {
"latitude": "23.1181",
"longitude": "113.2539"
},
"geo_point": "23.1181, 113.2539",
"locale_code": "en",
"continent": "Asia",
"country_code": "CN",
"country_name": "China",
"city": "Guangzhou"
},
"location_updated_at": "2026-02-08T16:44:39Z",
"asn": {
"number": "AS45090",
"organization": "Shenzhen Tencent Computer Systems Company Limited",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.254.128.0/17",
"organization": "Tencent cloud computing (Beijing) Co., Ltd.",
"descr": "Tencent cloud computing (Beijing) Co., Ltd.,\nFloor 6, Yinke Building,38 Haidian St,,\nHaidian District Beijing",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T19:04:31Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2026-02-08T16:44:39Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2026-02-08T22:48:50Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2026-02-08T16:44:39Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "0.9.41 beta",
"product": "FileZilla ftpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:filezilla-project:filezilla_server:0.9.41_beta",
"part": "a",
"vendor": "filezilla\\-project",
"product": "filezilla_server",
"version": "0\\.9\\.41_beta",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"cve": [
{
"id": "CVE-2014-0160",
"severity": "high"
},
{
"id": "CVE-2014-0224",
"severity": "high"
},
{
"id": "CVE-2015-10003",
"severity": "medium"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-08T06:00:41.476Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "1.21.6",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.21.6",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.21\\.6",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"url": "http://182.254.169.166/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-01T22:56:02.882Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "1.21.6",
"product": "nginx",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.21.6",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.21\\.6",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -258927663,
"body_sha256": "c649b72d40b182375b97337744d6ed80b886d0a4cce87fe9f3b7bd7ebef7f6de",
"component": [
"Nginx:1.21.6"
],
"content_length": 153,
"headers": {
"connection": [
"keep-alive"
],
"content_length": [
"153"
],
"content_type": [
"text/html"
],
"date": [
"Thu, 15 Jan 2026 06:00:53 GMT"
],
"server": [
"nginx/1.21.6"
]
},
"protocol": "HTTP/1.1",
"status_code": 403,
"title": "403 Forbidden"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://crt.trust"
],
"ocsp_urls": [
"http://ocsp.trust"
]
},
"authority_key_id": "5f3a7c11107e0c677161dc8ba3b5000367f5571c",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"https://sectigo.com/CPS"
],
"id": "1.3.6.1.4.1.6449.1.2.2.49"
},
{
"id": "2.23.140.1.2.1"
}
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"static.jonvie.com"
]
},
"subject_key_id": "5397aea6f2618773c9356f75b740962afe9ad765"
},
"fingerprint_md5": "4D208EBCF0015C8B79A90F23BFE59730",
"fingerprint_sha1": "7FD0D8DCB00D383DC9F8813E66FF495175C96E8F",
"fingerprint_sha256": "50FB9ED6D25B23BEC74E2CE1376C5951066043467BD0ED5146E60CF7AAA33383",
"issuer": {
"common_name": [
"TrustAsia RSA DV TLS CA G2"
],
"country": [
"CN"
],
"organization": [
"TrustAsia Technologies, Inc."
]
},
"jarm": "2ad2ad0002ad2ad22c2ad2ad2ad2ad703dc1bf20eb9604decefea997eabff7",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "60852124786772834999862579147111000373",
"signature": {
"algorithm": {
"name": "SHA384-RSA",
"oid": "1.2.840.113549.1.1.12"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "76ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100da4f66cc0400cdb7e0f9bc31f7adca9fb984c2861ab3d55e09fe3e8b135e780402205f1868ab4c375f066d3986cd422a41c31fb3b19cf707f2c576a1acca0d3bca9e"
},
"timestamp": "2023-07-22T13:30:10.257000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3044022062be073cf41150b9e225b8c0ad8393855c578dd190bfc4d574caebf5d83c1af802202d6dcb878fb47ffd55eeb8435307d828ff6efa30761ca498ca624ed0556b95a7"
},
"timestamp": "2023-07-22T13:30:10.337000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3045022100e808feadaadb16ab98bd5c7aac54c5025837dca6338a23c240d6c1d49008c65002203d387525b483124b0a62efbc1ffbd5e67c3a8441b153e9f20b674e60870b5255"
},
"timestamp": "2023-07-22T13:30:10.302000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"static.jonvie.com"
]
},
"subject_alt_name": {
"dns_names": [
"static.jonvie.com"
],
"extended_dns_names": [
{
"domain": "jonvie",
"fld": "jonvie.com",
"subdomain": "static",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "c70e1d849c25efa7704bb72179fe2bc61eaa312bf3fe01e11e1aa485c1f7a140",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "4d80c0d13091cc6d37564a5fb5fe600e9da9da5e9364f6caa1c915fc36baea82",
"tbs_noct_fingerprint": "10fab5275b7070f4555a538762acf2211036e7f8d09053f50a05ec08e66cf422",
"validation_level": "DV",
"validity": {
"length_seconds": 34041600,
"not_after": "2024-08-18T23:59:59",
"not_before": "2023-07-22T00:00:00"
},
"version": 2
},
"fingerprint_sha256": "50FB9ED6D25B23BEC74E2CE1376C5951066043467BD0ED5146E60CF7AAA33383",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://182.254.169.166/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-10T08:25:08.096Z"
},
{
"port": 8080,
"protocol": "tcp",
"name": "http",
"version": "8.5",
"product": "Microsoft IIS httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:8.5",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "8\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"cve": [
{
"id": "CVE-2014-4078",
"severity": "medium"
}
],
"url": "http://182.254.169.166:8080/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-02T20:28:47.983Z"
}
],
"services_hash": "231638174d04e387e060c42a666e3120d963da04beec48d8d24edc176dc64f17",
"last_updated_at": "2026-02-10T08:25:08.096Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-2014-0160": {
"id": "CVE-2014-0160",
"references": [
"http://advisories.mageia.org/MGASA-2014-0165.html",
"http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"http://cogentdatahub.com/ReleaseNotes.html",
"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"http://heartbleed.com/",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html",
"http://marc.info/?l=bugtraq&m=139722163017074&w=2",
"http://marc.info/?l=bugtraq&m=139757726426985&w=2",
"http://marc.info/?l=bugtraq&m=139757819327350&w=2",
"http://marc.info/?l=bugtraq&m=139757919027752&w=2",
"http://marc.info/?l=bugtraq&m=139758572430452&w=2",
"http://marc.info/?l=bugtraq&m=139765756720506&w=2",
"http://marc.info/?l=bugtraq&m=139774054614965&w=2",
"http://marc.info/?l=bugtraq&m=139774703817488&w=2",
"http://marc.info/?l=bugtraq&m=139808058921905&w=2",
"http://marc.info/?l=bugtraq&m=139817685517037&w=2",
"http://marc.info/?l=bugtraq&m=139817727317190&w=2",
"http://marc.info/?l=bugtraq&m=139817782017443&w=2",
"http://marc.info/?l=bugtraq&m=139824923705461&w=2",
"http://marc.info/?l=bugtraq&m=139824993005633&w=2",
"http://marc.info/?l=bugtraq&m=139833395230364&w=2",
"http://marc.info/?l=bugtraq&m=139835815211508&w=2",
"http://marc.info/?l=bugtraq&m=139835844111589&w=2",
"http://marc.info/?l=bugtraq&m=139836085512508&w=2",
"http://marc.info/?l=bugtraq&m=139842151128341&w=2",
"http://marc.info/?l=bugtraq&m=139843768401936&w=2",
"http://marc.info/?l=bugtraq&m=139869720529462&w=2",
"http://marc.info/?l=bugtraq&m=139869891830365&w=2",
"http://marc.info/?l=bugtraq&m=139889113431619&w=2",
"http://marc.info/?l=bugtraq&m=139889295732144&w=2",
"http://marc.info/?l=bugtraq&m=139905202427693&w=2",
"http://marc.info/?l=bugtraq&m=139905243827825&w=2",
"http://marc.info/?l=bugtraq&m=139905295427946&w=2",
"http://marc.info/?l=bugtraq&m=139905351928096&w=2",
"http://marc.info/?l=bugtraq&m=139905405728262&w=2",
"http://marc.info/?l=bugtraq&m=139905458328378&w=2",
"http://marc.info/?l=bugtraq&m=139905653828999&w=2",
"http://marc.info/?l=bugtraq&m=139905868529690&w=2",
"http://marc.info/?l=bugtraq&m=140015787404650&w=2",
"http://marc.info/?l=bugtraq&m=140075368411126&w=2",
"http://marc.info/?l=bugtraq&m=140724451518351&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=141287864628122&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"http://rhn.redhat.com/errata/RHSA-2014-0376.html",
"http://rhn.redhat.com/errata/RHSA-2014-0377.html",
"http://rhn.redhat.com/errata/RHSA-2014-0378.html",
"http://rhn.redhat.com/errata/RHSA-2014-0396.html",
"http://seclists.org/fulldisclosure/2014/Apr/109",
"http://seclists.org/fulldisclosure/2014/Apr/173",
"http://seclists.org/fulldisclosure/2014/Apr/190",
"http://seclists.org/fulldisclosure/2014/Apr/90",
"http://seclists.org/fulldisclosure/2014/Apr/91",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/57347",
"http://secunia.com/advisories/57483",
"http://secunia.com/advisories/57721",
"http://secunia.com/advisories/57836",
"http://secunia.com/advisories/57966",
"http://secunia.com/advisories/57968",
"http://secunia.com/advisories/59139",
"http://secunia.com/advisories/59243",
"http://secunia.com/advisories/59347",
"http://support.citrix.com/article/CTX140605",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"http://www.blackberry.com/btsc/KB35882",
"http://www.debian.org/security/2014/dsa-2896",
"http://www.exploit-db.com/exploits/32745",
"http://www.exploit-db.com/exploits/32764",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/720951",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.openssl.org/news/secadv_20140407.txt",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66690",
"http://www.securitytracker.com/id/1030026",
"http://www.securitytracker.com/id/1030074",
"http://www.securitytracker.com/id/1030077",
"http://www.securitytracker.com/id/1030078",
"http://www.securitytracker.com/id/1030079",
"http://www.securitytracker.com/id/1030080",
"http://www.securitytracker.com/id/1030081",
"http://www.securitytracker.com/id/1030082",
"http://www.splunk.com/view/SP-CAAAMB3",
"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"http://www.ubuntu.com/usn/USN-2165-1",
"http://www.us-cert.gov/ncas/alerts/TA14-098A",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"https://code.google.com/p/mod-spdy/issues/detail?id=85",
"https://filezilla-project.org/versions.php?type=server",
"https://gist.github.com/chapmajs/10473815",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html",
"https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd",
"http://advisories.mageia.org/MGASA-2014-0165.html",
"http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"http://cogentdatahub.com/ReleaseNotes.html",
"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"http://heartbleed.com/",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html",
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html",
"http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html",
"http://marc.info/?l=bugtraq&m=139722163017074&w=2",
"http://marc.info/?l=bugtraq&m=139757726426985&w=2",
"http://marc.info/?l=bugtraq&m=139757819327350&w=2",
"http://marc.info/?l=bugtraq&m=139757919027752&w=2",
"http://marc.info/?l=bugtraq&m=139758572430452&w=2",
"http://marc.info/?l=bugtraq&m=139765756720506&w=2",
"http://marc.info/?l=bugtraq&m=139774054614965&w=2",
"http://marc.info/?l=bugtraq&m=139774703817488&w=2",
"http://marc.info/?l=bugtraq&m=139808058921905&w=2",
"http://marc.info/?l=bugtraq&m=139817685517037&w=2",
"http://marc.info/?l=bugtraq&m=139817727317190&w=2",
"http://marc.info/?l=bugtraq&m=139817782017443&w=2",
"http://marc.info/?l=bugtraq&m=139824923705461&w=2",
"http://marc.info/?l=bugtraq&m=139824993005633&w=2",
"http://marc.info/?l=bugtraq&m=139833395230364&w=2",
"http://marc.info/?l=bugtraq&m=139835815211508&w=2",
"http://marc.info/?l=bugtraq&m=139835844111589&w=2",
"http://marc.info/?l=bugtraq&m=139836085512508&w=2",
"http://marc.info/?l=bugtraq&m=139842151128341&w=2",
"http://marc.info/?l=bugtraq&m=139843768401936&w=2",
"http://marc.info/?l=bugtraq&m=139869720529462&w=2",
"http://marc.info/?l=bugtraq&m=139869891830365&w=2",
"http://marc.info/?l=bugtraq&m=139889113431619&w=2",
"http://marc.info/?l=bugtraq&m=139889295732144&w=2",
"http://marc.info/?l=bugtraq&m=139905202427693&w=2",
"http://marc.info/?l=bugtraq&m=139905243827825&w=2",
"http://marc.info/?l=bugtraq&m=139905295427946&w=2",
"http://marc.info/?l=bugtraq&m=139905351928096&w=2",
"http://marc.info/?l=bugtraq&m=139905405728262&w=2",
"http://marc.info/?l=bugtraq&m=139905458328378&w=2",
"http://marc.info/?l=bugtraq&m=139905653828999&w=2",
"http://marc.info/?l=bugtraq&m=139905868529690&w=2",
"http://marc.info/?l=bugtraq&m=140015787404650&w=2",
"http://marc.info/?l=bugtraq&m=140075368411126&w=2",
"http://marc.info/?l=bugtraq&m=140724451518351&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=141287864628122&w=2",
"http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"http://rhn.redhat.com/errata/RHSA-2014-0376.html",
"http://rhn.redhat.com/errata/RHSA-2014-0377.html",
"http://rhn.redhat.com/errata/RHSA-2014-0378.html",
"http://rhn.redhat.com/errata/RHSA-2014-0396.html",
"http://seclists.org/fulldisclosure/2014/Apr/109",
"http://seclists.org/fulldisclosure/2014/Apr/173",
"http://seclists.org/fulldisclosure/2014/Apr/190",
"http://seclists.org/fulldisclosure/2014/Apr/90",
"http://seclists.org/fulldisclosure/2014/Apr/91",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/57347",
"http://secunia.com/advisories/57483",
"http://secunia.com/advisories/57721",
"http://secunia.com/advisories/57836",
"http://secunia.com/advisories/57966",
"http://secunia.com/advisories/57968",
"http://secunia.com/advisories/59139",
"http://secunia.com/advisories/59243",
"http://secunia.com/advisories/59347",
"http://support.citrix.com/article/CTX140605",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"http://www.blackberry.com/btsc/KB35882",
"http://www.debian.org/security/2014/dsa-2896",
"http://www.exploit-db.com/exploits/32745",
"http://www.exploit-db.com/exploits/32764",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/720951",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.openssl.org/news/secadv_20140407.txt",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66690",
"http://www.securitytracker.com/id/1030026",
"http://www.securitytracker.com/id/1030074",
"http://www.securitytracker.com/id/1030077",
"http://www.securitytracker.com/id/1030078",
"http://www.securitytracker.com/id/1030079",
"http://www.securitytracker.com/id/1030080",
"http://www.securitytracker.com/id/1030081",
"http://www.securitytracker.com/id/1030082",
"http://www.splunk.com/view/SP-CAAAMB3",
"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"http://www.ubuntu.com/usn/USN-2165-1",
"http://www.us-cert.gov/ncas/alerts/TA14-098A",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"https://code.google.com/p/mod-spdy/issues/detail?id=85",
"https://filezilla-project.org/versions.php?type=server",
"https://gist.github.com/chapmajs/10473815",
"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E",
"https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html",
"https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd",
"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0160"
],
"score": 7.5,
"services": [
"21/ftp"
],
"severity": "high",
"summary": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2014-0224": {
"id": "CVE-2014-0224",
"references": [
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
"http://ccsinjection.lepidum.co.jp",
"http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html",
"http://esupport.trendmicro.com/solution/en-US/1103813.aspx",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217",
"http://linux.oracle.com/errata/ELSA-2014-1053.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140317760000786&w=2",
"http://marc.info/?l=bugtraq&m=140369637402535&w=2",
"http://marc.info/?l=bugtraq&m=140386311427810&w=2",
"http://marc.info/?l=bugtraq&m=140389274407904&w=2",
"http://marc.info/?l=bugtraq&m=140389355508263&w=2",
"http://marc.info/?l=bugtraq&m=140431828824371&w=2",
"http://marc.info/?l=bugtraq&m=140448122410568&w=2",
"http://marc.info/?l=bugtraq&m=140482916501310&w=2",
"http://marc.info/?l=bugtraq&m=140491231331543&w=2",
"http://marc.info/?l=bugtraq&m=140499864129699&w=2",
"http://marc.info/?l=bugtraq&m=140544599631400&w=2",
"http://marc.info/?l=bugtraq&m=140604261522465&w=2",
"http://marc.info/?l=bugtraq&m=140621259019789&w=2",
"http://marc.info/?l=bugtraq&m=140672208601650&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=140784085708882&w=2",
"http://marc.info/?l=bugtraq&m=140794476212181&w=2",
"http://marc.info/?l=bugtraq&m=140852757108392&w=2",
"http://marc.info/?l=bugtraq&m=140852826008699&w=2",
"http://marc.info/?l=bugtraq&m=140870499402361&w=2",
"http://marc.info/?l=bugtraq&m=140904544427729&w=2",
"http://marc.info/?l=bugtraq&m=140983229106599&w=2",
"http://marc.info/?l=bugtraq&m=141025641601169&w=2",
"http://marc.info/?l=bugtraq&m=141147110427269&w=2",
"http://marc.info/?l=bugtraq&m=141164638606214&w=2",
"http://marc.info/?l=bugtraq&m=141383410222440&w=2",
"http://marc.info/?l=bugtraq&m=141383465822787&w=2",
"http://marc.info/?l=bugtraq&m=141658880509699&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142546741516006&w=2",
"http://marc.info/?l=bugtraq&m=142805027510172&w=2",
"http://puppetlabs.com/security/cve/cve-2014-0224",
"http://rhn.redhat.com/errata/RHSA-2014-0624.html",
"http://rhn.redhat.com/errata/RHSA-2014-0626.html",
"http://rhn.redhat.com/errata/RHSA-2014-0627.html",
"http://rhn.redhat.com/errata/RHSA-2014-0630.html",
"http://rhn.redhat.com/errata/RHSA-2014-0631.html",
"http://rhn.redhat.com/errata/RHSA-2014-0632.html",
"http://rhn.redhat.com/errata/RHSA-2014-0633.html",
"http://rhn.redhat.com/errata/RHSA-2014-0680.html",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://seclists.org/fulldisclosure/2014/Jun/38",
"http://secunia.com/advisories/58128",
"http://secunia.com/advisories/58337",
"http://secunia.com/advisories/58385",
"http://secunia.com/advisories/58433",
"http://secunia.com/advisories/58492",
"http://secunia.com/advisories/58579",
"http://secunia.com/advisories/58615",
"http://secunia.com/advisories/58639",
"http://secunia.com/advisories/58660",
"http://secunia.com/advisories/58667",
"http://secunia.com/advisories/58713",
"http://secunia.com/advisories/58714",
"http://secunia.com/advisories/58716",
"http://secunia.com/advisories/58719",
"http://secunia.com/advisories/58742",
"http://secunia.com/advisories/58743",
"http://secunia.com/advisories/58745",
"http://secunia.com/advisories/58759",
"http://secunia.com/advisories/58930",
"http://secunia.com/advisories/58939",
"http://secunia.com/advisories/58945",
"http://secunia.com/advisories/58977",
"http://secunia.com/advisories/59004",
"http://secunia.com/advisories/59012",
"http://secunia.com/advisories/59040",
"http://secunia.com/advisories/59043",
"http://secunia.com/advisories/59055",
"http://secunia.com/advisories/59063",
"http://secunia.com/advisories/59093",
"http://secunia.com/advisories/59101",
"http://secunia.com/advisories/59120",
"http://secunia.com/advisories/59126",
"http://secunia.com/advisories/59132",
"http://secunia.com/advisories/59135",
"http://secunia.com/advisories/59142",
"http://secunia.com/advisories/59162",
"http://secunia.com/advisories/59163",
"http://secunia.com/advisories/59167",
"http://secunia.com/advisories/59175",
"http://secunia.com/advisories/59186",
"http://secunia.com/advisories/59188",
"http://secunia.com/advisories/59189",
"http://secunia.com/advisories/59190",
"http://secunia.com/advisories/59191",
"http://secunia.com/advisories/59192",
"http://secunia.com/advisories/59202",
"http://secunia.com/advisories/59211",
"http://secunia.com/advisories/59214",
"http://secunia.com/advisories/59215",
"http://secunia.com/advisories/59223",
"http://secunia.com/advisories/59231",
"http://secunia.com/advisories/59264",
"http://secunia.com/advisories/59282",
"http://secunia.com/advisories/59284",
"http://secunia.com/advisories/59287",
"http://secunia.com/advisories/59300",
"http://secunia.com/advisories/59301",
"http://secunia.com/advisories/59305",
"http://secunia.com/advisories/59306",
"http://secunia.com/advisories/59310",
"http://secunia.com/advisories/59325",
"http://secunia.com/advisories/59338",
"http://secunia.com/advisories/59342",
"http://secunia.com/advisories/59347",
"http://secunia.com/advisories/59354",
"http://secunia.com/advisories/59362",
"http://secunia.com/advisories/59364",
"http://secunia.com/advisories/59365",
"http://secunia.com/advisories/59368",
"http://secunia.com/advisories/59370",
"http://secunia.com/advisories/59374",
"http://secunia.com/advisories/59375",
"http://secunia.com/advisories/59380",
"http://secunia.com/advisories/59383",
"http://secunia.com/advisories/59389",
"http://secunia.com/advisories/59413",
"http://secunia.com/advisories/59429",
"http://secunia.com/advisories/59435",
"http://secunia.com/advisories/59437",
"http://secunia.com/advisories/59438",
"http://secunia.com/advisories/59440",
"http://secunia.com/advisories/59441",
"http://secunia.com/advisories/59442",
"http://secunia.com/advisories/59444",
"http://secunia.com/advisories/59445",
"http://secunia.com/advisories/59446",
"http://secunia.com/advisories/59447",
"http://secunia.com/advisories/59448",
"http://secunia.com/advisories/59449",
"http://secunia.com/advisories/59450",
"http://secunia.com/advisories/59451",
"http://secunia.com/advisories/59454",
"http://secunia.com/advisories/59459",
"http://secunia.com/advisories/59460",
"http://secunia.com/advisories/59483",
"http://secunia.com/advisories/59490",
"http://secunia.com/advisories/59491",
"http://secunia.com/advisories/59495",
"http://secunia.com/advisories/59502",
"http://secunia.com/advisories/59506",
"http://secunia.com/advisories/59514",
"http://secunia.com/advisories/59518",
"http://secunia.com/advisories/59525",
"http://secunia.com/advisories/59528",
"http://secunia.com/advisories/59529",
"http://secunia.com/advisories/59530",
"http://secunia.com/advisories/59589",
"http://secunia.com/advisories/59602",
"http://secunia.com/advisories/59655",
"http://secunia.com/advisories/59659",
"http://secunia.com/advisories/59661",
"http://secunia.com/advisories/59666",
"http://secunia.com/advisories/59669",
"http://secunia.com/advisories/59677",
"http://secunia.com/advisories/59721",
"http://secunia.com/advisories/59784",
"http://secunia.com/advisories/59824",
"http://secunia.com/advisories/59827",
"http://secunia.com/advisories/59878",
"http://secunia.com/advisories/59885",
"http://secunia.com/advisories/59894",
"http://secunia.com/advisories/59916",
"http://secunia.com/advisories/59990",
"http://secunia.com/advisories/60049",
"http://secunia.com/advisories/60066",
"http://secunia.com/advisories/60176",
"http://secunia.com/advisories/60522",
"http://secunia.com/advisories/60567",
"http://secunia.com/advisories/60571",
"http://secunia.com/advisories/60577",
"http://secunia.com/advisories/60819",
"http://secunia.com/advisories/61254",
"http://secunia.com/advisories/61815",
"http://security.gentoo.org/glsa/glsa-201407-05.xml",
"http://support.apple.com/kb/HT6443",
"http://support.citrix.com/article/CTX140876",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506",
"http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676333",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676334",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676478",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676536",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676644",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676786",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676833",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676845",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677080",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677131",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677390",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677567",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678233",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
"http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037727",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037729",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037730",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037731",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037732",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037870",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737",
"http://www.blackberry.com/btsc/KB36051",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
"http://www.fortiguard.com/advisory/FG-IR-14-018/",
"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"http://www.ibm.com/support/docview.wss?uid=isg3T1020948",
"http://www.ibm.com/support/docview.wss?uid=ssg1S1004678",
"http://www.ibm.com/support/docview.wss?uid=swg1IT02314",
"http://www.ibm.com/support/docview.wss?uid=swg21676356",
"http://www.ibm.com/support/docview.wss?uid=swg21676793",
"http://www.ibm.com/support/docview.wss?uid=swg21676877",
"http://www.ibm.com/support/docview.wss?uid=swg24037783",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/978508",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:105",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:106",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.novell.com/support/kb/doc.php?id=7015264",
"http://www.novell.com/support/kb/doc.php?id=7015300",
"http://www.openssl.org/news/secadv_20140605.txt",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securitytracker.com/id/1031032",
"http://www.securitytracker.com/id/1031594",
"http://www.splunk.com/view/SP-CAAAM2D",
"http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download",
"http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E",
"https://access.redhat.com/site/blogs/766093/posts/908133",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1103586",
"https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
"https://discussions.nessus.org/thread/7517",
"https://filezilla-project.org/versions.php?type=server",
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"https://kb.bluecoat.com/index?page=content&id=SA80",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004670",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004671",
"https://www.imperialviolet.org/2014/06/05/earlyccs.html",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf",
"https://www.novell.com/support/kb/doc.php?id=7015271",
"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc",
"http://ccsinjection.lepidum.co.jp",
"http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html",
"http://esupport.trendmicro.com/solution/en-US/1103813.aspx",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195",
"http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217",
"http://linux.oracle.com/errata/ELSA-2014-1053.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html",
"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html",
"http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"http://marc.info/?l=bugtraq&m=140317760000786&w=2",
"http://marc.info/?l=bugtraq&m=140369637402535&w=2",
"http://marc.info/?l=bugtraq&m=140386311427810&w=2",
"http://marc.info/?l=bugtraq&m=140389274407904&w=2",
"http://marc.info/?l=bugtraq&m=140389355508263&w=2",
"http://marc.info/?l=bugtraq&m=140431828824371&w=2",
"http://marc.info/?l=bugtraq&m=140448122410568&w=2",
"http://marc.info/?l=bugtraq&m=140482916501310&w=2",
"http://marc.info/?l=bugtraq&m=140491231331543&w=2",
"http://marc.info/?l=bugtraq&m=140499864129699&w=2",
"http://marc.info/?l=bugtraq&m=140544599631400&w=2",
"http://marc.info/?l=bugtraq&m=140604261522465&w=2",
"http://marc.info/?l=bugtraq&m=140621259019789&w=2",
"http://marc.info/?l=bugtraq&m=140672208601650&w=2",
"http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"http://marc.info/?l=bugtraq&m=140784085708882&w=2",
"http://marc.info/?l=bugtraq&m=140794476212181&w=2",
"http://marc.info/?l=bugtraq&m=140852757108392&w=2",
"http://marc.info/?l=bugtraq&m=140852826008699&w=2",
"http://marc.info/?l=bugtraq&m=140870499402361&w=2",
"http://marc.info/?l=bugtraq&m=140904544427729&w=2",
"http://marc.info/?l=bugtraq&m=140983229106599&w=2",
"http://marc.info/?l=bugtraq&m=141025641601169&w=2",
"http://marc.info/?l=bugtraq&m=141147110427269&w=2",
"http://marc.info/?l=bugtraq&m=141164638606214&w=2",
"http://marc.info/?l=bugtraq&m=141383410222440&w=2",
"http://marc.info/?l=bugtraq&m=141383465822787&w=2",
"http://marc.info/?l=bugtraq&m=141658880509699&w=2",
"http://marc.info/?l=bugtraq&m=142350350616251&w=2",
"http://marc.info/?l=bugtraq&m=142546741516006&w=2",
"http://marc.info/?l=bugtraq&m=142805027510172&w=2",
"http://puppetlabs.com/security/cve/cve-2014-0224",
"http://rhn.redhat.com/errata/RHSA-2014-0624.html",
"http://rhn.redhat.com/errata/RHSA-2014-0626.html",
"http://rhn.redhat.com/errata/RHSA-2014-0627.html",
"http://rhn.redhat.com/errata/RHSA-2014-0630.html",
"http://rhn.redhat.com/errata/RHSA-2014-0631.html",
"http://rhn.redhat.com/errata/RHSA-2014-0632.html",
"http://rhn.redhat.com/errata/RHSA-2014-0633.html",
"http://rhn.redhat.com/errata/RHSA-2014-0680.html",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://seclists.org/fulldisclosure/2014/Jun/38",
"http://secunia.com/advisories/58128",
"http://secunia.com/advisories/58337",
"http://secunia.com/advisories/58385",
"http://secunia.com/advisories/58433",
"http://secunia.com/advisories/58492",
"http://secunia.com/advisories/58579",
"http://secunia.com/advisories/58615",
"http://secunia.com/advisories/58639",
"http://secunia.com/advisories/58660",
"http://secunia.com/advisories/58667",
"http://secunia.com/advisories/58713",
"http://secunia.com/advisories/58714",
"http://secunia.com/advisories/58716",
"http://secunia.com/advisories/58719",
"http://secunia.com/advisories/58742",
"http://secunia.com/advisories/58743",
"http://secunia.com/advisories/58745",
"http://secunia.com/advisories/58759",
"http://secunia.com/advisories/58930",
"http://secunia.com/advisories/58939",
"http://secunia.com/advisories/58945",
"http://secunia.com/advisories/58977",
"http://secunia.com/advisories/59004",
"http://secunia.com/advisories/59012",
"http://secunia.com/advisories/59040",
"http://secunia.com/advisories/59043",
"http://secunia.com/advisories/59055",
"http://secunia.com/advisories/59063",
"http://secunia.com/advisories/59093",
"http://secunia.com/advisories/59101",
"http://secunia.com/advisories/59120",
"http://secunia.com/advisories/59126",
"http://secunia.com/advisories/59132",
"http://secunia.com/advisories/59135",
"http://secunia.com/advisories/59142",
"http://secunia.com/advisories/59162",
"http://secunia.com/advisories/59163",
"http://secunia.com/advisories/59167",
"http://secunia.com/advisories/59175",
"http://secunia.com/advisories/59186",
"http://secunia.com/advisories/59188",
"http://secunia.com/advisories/59189",
"http://secunia.com/advisories/59190",
"http://secunia.com/advisories/59191",
"http://secunia.com/advisories/59192",
"http://secunia.com/advisories/59202",
"http://secunia.com/advisories/59211",
"http://secunia.com/advisories/59214",
"http://secunia.com/advisories/59215",
"http://secunia.com/advisories/59223",
"http://secunia.com/advisories/59231",
"http://secunia.com/advisories/59264",
"http://secunia.com/advisories/59282",
"http://secunia.com/advisories/59284",
"http://secunia.com/advisories/59287",
"http://secunia.com/advisories/59300",
"http://secunia.com/advisories/59301",
"http://secunia.com/advisories/59305",
"http://secunia.com/advisories/59306",
"http://secunia.com/advisories/59310",
"http://secunia.com/advisories/59325",
"http://secunia.com/advisories/59338",
"http://secunia.com/advisories/59342",
"http://secunia.com/advisories/59347",
"http://secunia.com/advisories/59354",
"http://secunia.com/advisories/59362",
"http://secunia.com/advisories/59364",
"http://secunia.com/advisories/59365",
"http://secunia.com/advisories/59368",
"http://secunia.com/advisories/59370",
"http://secunia.com/advisories/59374",
"http://secunia.com/advisories/59375",
"http://secunia.com/advisories/59380",
"http://secunia.com/advisories/59383",
"http://secunia.com/advisories/59389",
"http://secunia.com/advisories/59413",
"http://secunia.com/advisories/59429",
"http://secunia.com/advisories/59435",
"http://secunia.com/advisories/59437",
"http://secunia.com/advisories/59438",
"http://secunia.com/advisories/59440",
"http://secunia.com/advisories/59441",
"http://secunia.com/advisories/59442",
"http://secunia.com/advisories/59444",
"http://secunia.com/advisories/59445",
"http://secunia.com/advisories/59446",
"http://secunia.com/advisories/59447",
"http://secunia.com/advisories/59448",
"http://secunia.com/advisories/59449",
"http://secunia.com/advisories/59450",
"http://secunia.com/advisories/59451",
"http://secunia.com/advisories/59454",
"http://secunia.com/advisories/59459",
"http://secunia.com/advisories/59460",
"http://secunia.com/advisories/59483",
"http://secunia.com/advisories/59490",
"http://secunia.com/advisories/59491",
"http://secunia.com/advisories/59495",
"http://secunia.com/advisories/59502",
"http://secunia.com/advisories/59506",
"http://secunia.com/advisories/59514",
"http://secunia.com/advisories/59518",
"http://secunia.com/advisories/59525",
"http://secunia.com/advisories/59528",
"http://secunia.com/advisories/59529",
"http://secunia.com/advisories/59530",
"http://secunia.com/advisories/59589",
"http://secunia.com/advisories/59602",
"http://secunia.com/advisories/59655",
"http://secunia.com/advisories/59659",
"http://secunia.com/advisories/59661",
"http://secunia.com/advisories/59666",
"http://secunia.com/advisories/59669",
"http://secunia.com/advisories/59677",
"http://secunia.com/advisories/59721",
"http://secunia.com/advisories/59784",
"http://secunia.com/advisories/59824",
"http://secunia.com/advisories/59827",
"http://secunia.com/advisories/59878",
"http://secunia.com/advisories/59885",
"http://secunia.com/advisories/59894",
"http://secunia.com/advisories/59916",
"http://secunia.com/advisories/59990",
"http://secunia.com/advisories/60049",
"http://secunia.com/advisories/60066",
"http://secunia.com/advisories/60176",
"http://secunia.com/advisories/60522",
"http://secunia.com/advisories/60567",
"http://secunia.com/advisories/60571",
"http://secunia.com/advisories/60577",
"http://secunia.com/advisories/60819",
"http://secunia.com/advisories/61254",
"http://secunia.com/advisories/61815",
"http://security.gentoo.org/glsa/glsa-201407-05.xml",
"http://support.apple.com/kb/HT6443",
"http://support.citrix.com/article/CTX140876",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html",
"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163",
"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172",
"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690",
"http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506",
"http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675626",
"http://www-01.ibm.com/support/docview.wss?uid=swg21675821",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676071",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676333",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676334",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676478",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676496",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676536",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676615",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676644",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676786",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676833",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676845",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677080",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677131",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677390",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677567",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678233",
"http://www-01.ibm.com/support/docview.wss?uid=swg21678289",
"http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037727",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037729",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037730",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037731",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037732",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037761",
"http://www-01.ibm.com/support/docview.wss?uid=swg24037870",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737",
"http://www.blackberry.com/btsc/KB36051",
"http://www.f-secure.com/en/web/labs_global/fsc-2014-6",
"http://www.fortiguard.com/advisory/FG-IR-14-018/",
"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"http://www.ibm.com/support/docview.wss?uid=isg3T1020948",
"http://www.ibm.com/support/docview.wss?uid=ssg1S1004678",
"http://www.ibm.com/support/docview.wss?uid=swg1IT02314",
"http://www.ibm.com/support/docview.wss?uid=swg21676356",
"http://www.ibm.com/support/docview.wss?uid=swg21676793",
"http://www.ibm.com/support/docview.wss?uid=swg21676877",
"http://www.ibm.com/support/docview.wss?uid=swg24037783",
"http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"http://www.kb.cert.org/vuls/id/978508",
"http://www.kerio.com/support/kerio-control/release-history",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:105",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:106",
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"http://www.novell.com/support/kb/doc.php?id=7015264",
"http://www.novell.com/support/kb/doc.php?id=7015300",
"http://www.openssl.org/news/secadv_20140605.txt",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securitytracker.com/id/1031032",
"http://www.securitytracker.com/id/1031594",
"http://www.splunk.com/view/SP-CAAAM2D",
"http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download",
"http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E",
"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E",
"https://access.redhat.com/site/blogs/766093/posts/908133",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues",
"https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1103586",
"https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf",
"https://discussions.nessus.org/thread/7517",
"https://filezilla-project.org/versions.php?type=server",
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"https://kb.bluecoat.com/index?page=content&id=SA80",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004670",
"https://www.ibm.com/support/docview.wss?uid=ssg1S1004671",
"https://www.imperialviolet.org/2014/06/05/earlyccs.html",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf",
"https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf",
"https://www.novell.com/support/kb/doc.php?id=7015271"
],
"score": 7.4,
"services": [
"21/ftp"
],
"severity": "high",
"summary": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"weakness": "CWE-326"
},
"CVE-2014-4078": {
"id": "CVE-2014-4078",
"references": [
"http://www.securityfocus.com/bid/70937",
"http://www.securitytracker.com/id/1031194",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-076"
],
"score": 5.1,
"services": [
"8080/http"
],
"severity": "medium",
"summary": "The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the \"IP Address and Domain Restrictions\" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka \"IIS Security Feature Bypass Vulnerability.\"",
"vector_string": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"weakness": "CWE-264"
},
"CVE-2015-10003": {
"id": "CVE-2015-10003",
"references": [
"http://www.securitygalore.com/site3/filezilla_ftp_server_advisory",
"https://vuldb.com/?id.97203",
"http://www.securitygalore.com/site3/filezilla_ftp_server_advisory",
"https://vuldb.com/?id.97203"
],
"score": 4.3,
"services": [
"21/ftp"
],
"severity": "medium",
"summary": "A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-441"
}
}
}