CVE-2019-11477

{"id": "CVE-2019-11477", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-06-19T00:15:12.640", "references": [{"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@ubuntu.com"}, {"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@ubuntu.com"}, {"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1594", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1602", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1699", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://access.redhat.com/security/vulnerabilities/tcpsack", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "security@ubuntu.com"}, {"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md", "tags": ["Patch", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10287", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://security.netapp.com/advisory/ntap-20190625-0001/", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://support.f5.com/csp/article/K78234183", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic", "tags": ["Mitigation", "Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.kb.cert.org/vuls/id/905115", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@ubuntu.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.synology.com/security/advisory/Synology_SA_19_28", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@ubuntu.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Secondary", "source": "security@ubuntu.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."}, {"lang": "es", "value": "Jonathan Looney detect\u00f3 que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de enteros en el kernel de Linux durante el manejo del Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podr\u00eda usar esto para causar una denegaci\u00f3n de servicio. Esto se ha corregido en versiones de kernel estables 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, y se corrige en el commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."}], "lastModified": "2024-02-27T21:04:17.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "190D94DD-9CDB-413B-9A15-BFBDB1BB127C", "versionEndExcluding": "3.16.69", "versionStartIncluding": "2.6.29"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D641CA66-86A4-4172-9D98-206C31578C5E", "versionEndExcluding": "4.4.182", "versionStartIncluding": "3.17"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "966342A3-015F-4BCC-A513-335362A79A26", "versionEndExcluding": "4.9.182", "versionStartIncluding": "4.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A632572-BC71-422E-B953-346709BA1658", "versionEndExcluding": "4.14.127", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C91C6131-9445-46E6-960B-76E8A34DC7E4", "versionEndExcluding": "4.19.52", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0E372D7-8DD5-45E7-9C26-CF389B1A09A5", "versionEndExcluding": "5.1.11", "versionStartIncluding": "4.20"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33AF102E-2851-45B5-8C71-B393F34D4591", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E4EA2A9-C197-40D4-A6AE-A64D69536F99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A057B236-8B7C-430D-B107-8FF96D132E73", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D7877E8-E50F-4DC6-867D-C19A8DB533E3", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "899BE6FE-B23F-4236-8A5E-B41AFF28E533", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66FC8C37-629D-4FBA-9C79-615BDDCF7837", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66FCB095-3E70-472A-AB9D-60F001F3A539", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42EBAE78-C03E-42C9-AC2D-D654A8DF8516", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75D817B1-EC06-4180-B272-067299818B09", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E3A4646-9AAA-445E-A08F-226D41485DC2", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "255D11E3-F502-45CD-8958-5989F179574E", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E72B035F-97C1-41C6-B424-F3929B9D7A99", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E058E775-EAAA-46DF-9F3D-A8D042AAFD88", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10A57948-C53A-4CD0-801B-7E801D08E112", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F367EED9-1F71-4720-BE53-3074FF6049C9", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20BF15AA-1183-489E-A24A-FFB5BFD84664", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B684D2-5889-41EA-B54A-8E7AF43DA647", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E4A258E-4F20-4C3C-8269-CD7554539EC6", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A5E9908-C959-48FD-8FAC-C0FE329E6FD8", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "442A56A6-935D-427A-8562-144DD770E317", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DA668DC-EFB6-44C3-8521-47BB9F474DD1", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C23EFF81-0FF4-4B4A-BAC3-85EC62230099", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24AB3C9F-77E5-4D87-A9C1-366B087E7F68", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24904D5C-58FF-49B0-B598-F798BAD110E6", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE11CCA1-58BF-462E-A0DE-49F3BC1C5499", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "639FCD86-C487-40DD-9840-8931FAF5DF3A", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1117B40B-36E7-4205-82B0-52B4862A6D03", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB112ABE-C07E-480F-8042-6321E602183D", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A751827-1169-408E-BCE6-A129BDDB489D", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "428C4BEA-AFDA-45EC-9D5F-DDF409461C33", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "717C0443-3E88-4814-8D4A-F0C067176228", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7865E258-CDA0-43A5-9945-81E07BF11A82", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAECED76-81A2-4A0C-8C2E-24C235BB32DE", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDC38EF1-6210-40A1-88FC-964C470E41BA", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B572C267-AF06-4270-8FDC-18EBDDED7879", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88B12CA1-E853-4898-8A06-F991BE19A27A", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C98DCCF-2D89-4C05-A0AE-60CF8228B860", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B439DE9D-6A09-4487-82A4-E75A57717CAB", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19428E8B-18C2-413A-A3C0-AC6AB9F952F2", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.5.2"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6166E0DB-2BA5-454D-ABBC-9E4916436A44", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F42F4AF6-4BCC-497E-A889-0BBCA965CB32", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF", "versionEndIncluding": "14.1.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF483911-003B-470B-A12B-85EF34A50469"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79191794-6151-46E9-AAFD-3EC0C05B03B1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "893A7EE9-495D-405A-B809-39DC80778B2A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"}, {"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97D046F5-FF1A-41A7-8EDE-2C93E335906E"}, {"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1C8792C-1CF0-450B-A8BD-2B5274156053"}, {"criteria": "cpe:2.3:a:pulsesecure:pulse_secure_virtual_application_delivery_controller:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3CCBFDE-C2FA-40E3-AA44-0EB0A6861BD4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700", "versionEndIncluding": "5.1.0", "versionStartIncluding": "5.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@ubuntu.com"}