CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html Mailing List Third Party Advisory
http://www.securityfocus.com/bid/107174 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:2304 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2437 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2439 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2471 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3929 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3931 Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
https://kc.mcafee.com/corporate/index?page=content&id=SB10282 Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://security.gentoo.org/glsa/201903-10 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190301-0001/ Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20190301-0002/ Broken Link Third Party Advisory
https://security.netapp.com/advisory/ntap-20190423-0002/ Third Party Advisory
https://support.f5.com/csp/article/K18549143 Third Party Advisory
https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/3899-1/ Third Party Advisory
https://usn.ubuntu.com/4376-2/ Broken Link
https://www.debian.org/security/2019/dsa-4400 Third Party Advisory
https://www.openssl.org/news/secadv/20190226.txt Vendor Advisory
https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Patch Third Party Advisory
https://www.tenable.com/security/tns-2019-02 Patch Third Party Advisory
https://www.tenable.com/security/tns-2019-03 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*

Configuration 15 (hide)

OR cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Configuration 16 (hide)

OR cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:threat_intelligence_exchange_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:a:redhat:jboss_enterprise_web_server:5.0.0:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
OR cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 19 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 20 (hide)

OR cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:business_intelligence:11.1.1.9.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_border_controller:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_router:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_router:8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_router:8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_router:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_router:8.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_unified_session_manager:7.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_server:7.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_world_security:a9.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_world_security:a9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*

Configuration 21 (hide)

OR cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

Configuration 22 (hide)

OR cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

History

07 Nov 2023, 03:08

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', 'name': 'FEDORA-2019-db06efdea1', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', 'name': 'FEDORA-2019-9a0a7c0986', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', 'name': 'FEDORA-2019-00c25b9379', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e', 'name': 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'CONFIRM'}
  • {'url': 'https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS', 'name': 'https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS', 'tags': ['Third Party Advisory'], 'refsource': 'CONFIRM'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ -
  • () https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e -
  • () https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ -

Information

Published : 2019-02-27 23:29

Updated : 2024-02-28 16:48


NVD link : CVE-2019-1559

Mitre link : CVE-2019-1559

CVE.ORG link : CVE-2019-1559


JSON object : View

Products Affected

netapp

  • oncommand_workflow_automation
  • service_processor
  • fas2750
  • ontap_select_deploy_administration_utility
  • fas2720_firmware
  • a220_firmware
  • c190
  • a800
  • solidfire
  • active_iq_unified_manager
  • oncommand_unified_manager
  • snapdrive
  • oncommand_insight
  • c190_firmware
  • fas2720
  • snapcenter
  • cloud_backup
  • fas2750_firmware
  • clustered_data_ontap_antivirus_connector
  • hyper_converged_infrastructure
  • hci_compute_node
  • santricity_smi-s_provider
  • cn1610
  • smi-s_provider
  • oncommand_unified_manager_core_package
  • a320
  • ontap_select_deploy
  • a220
  • storage_automation_store
  • a320_firmware
  • storagegrid
  • a800_firmware
  • altavault
  • steelstore_cloud_integrated_storage
  • cn1610_firmware
  • snapprotect
  • hci_management_node
  • element_software

f5

  • big-ip_webaccelerator
  • big-ip_access_policy_manager
  • big-ip_fraud_protection_service
  • big-ip_policy_enforcement_manager
  • big-ip_advanced_firewall_manager
  • traffix_signaling_delivery_controller
  • big-ip_domain_name_system
  • big-ip_application_acceleration_manager
  • big-ip_link_controller
  • big-ip_global_traffic_manager
  • big-ip_application_security_manager
  • big-ip_local_traffic_manager
  • big-ip_edge_gateway
  • big-iq_centralized_management
  • big-ip_analytics

oracle

  • communications_diameter_signaling_router
  • jd_edwards_world_security
  • mysql
  • communications_session_border_controller
  • communications_session_router
  • api_gateway
  • secure_global_desktop
  • mysql_workbench
  • services_tools_bundle
  • peoplesoft_enterprise_peopletools
  • enterprise_manager_base_platform
  • endeca_server
  • communications_unified_session_manager
  • business_intelligence
  • jd_edwards_enterpriseone_tools
  • mysql_enterprise_monitor
  • communications_performance_intelligence_center
  • enterprise_manager_ops_center

mcafee

  • web_gateway
  • threat_intelligence_exchange_server
  • agent
  • data_exchange_layer

opensuse

  • leap

redhat

  • enterprise_linux_workstation
  • enterprise_linux_server
  • enterprise_linux
  • virtualization_host
  • virtualization
  • jboss_enterprise_web_server
  • enterprise_linux_desktop

tenable

  • nessus

nodejs

  • node.js

canonical

  • ubuntu_linux

fedoraproject

  • fedora

debian

  • debian_linux

paloaltonetworks

  • pan-os

openssl

  • openssl
CWE
CWE-203

Observable Discrepancy