CVE-2021-22924

{"id": "CVE-2021-22924", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2021-08-05T21:15:11.380", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "tags": ["Patch", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://hackerone.com/reports/1223565", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/", "tags": ["Mailing List", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://security.netapp.com/advisory/ntap-20210902-0003/", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://www.debian.org/security/2022/dsa-5197", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Patch", "Third Party Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-706"}]}, {"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate."}, {"lang": "es", "value": "libcurl mantiene las conexiones usadas previamente en un pool de conexiones para reusarlas en posteriores transferencias, si una de ellas coincide con la configuraci\u00f3n. Debido a errores en la l\u00f3gica, la funci\u00f3n de coincidencia de la configuraci\u00f3n no ten\u00eda en cuenta \"issuercert\" y comparaba las rutas implicadas *sin tener en cuenta el caso*, que pod\u00eda conllevar a que libcurl reusara conexiones err\u00f3neas. Las rutas de los archivos son, o pueden ser, casos confidenciales en muchos sistemas, pero no en todos, y pueden incluso variar dependiendo de los sistemas de archivos usados. La comparaci\u00f3n tampoco inclu\u00eda el \"issuercert\" que una transferencia puede ajustar para calificar c\u00f3mo verificar el certificado del servidor"}], "lastModified": "2024-03-27T15:11:45.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDD6146-08DE-414A-AF65-668F1A002099", "versionEndExcluding": "7.77.0", "versionStartIncluding": "7.10.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"}, {"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163"}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"}, {"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E74B879-B396-496C-979B-8A7211EDCA0D", "versionEndIncluding": "5.7.36", "versionStartIncluding": "5.7.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "709E83B4-8C66-4255-870B-2F72B37BA8C6", "versionEndIncluding": "8.0.26", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253", "versionEndExcluding": "1.0.1.1"}, {"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98CC9C9A-FE14-4D50-A8EC-C309229356C8", "versionEndExcluding": "3.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:logo\\!_cmr2040_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F58182A-EB6D-442B-846A-8BD5BE4313E6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:logo\\!_cmr2040:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6ED47A12-5637-40E2-BE39-B76B789C0DFD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:logo\\!_cmr2020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85E0D5C4-F0DA-42D9-A594-CB1BE6E7451F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:logo\\!_cmr2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8E5F42B-63E3-4B2D-A03F-983F51EE0648"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcomrm_1224_lte_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "139740E9-9828-4F2E-B11D-3BFE1B96992C", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcomrm_1224_lte:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1A650A1E-4DB0-415A-9BF4-0016798CD622"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44695DA0-6E69-4444-BEBB-391E818B9FC0", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87B7BB84-89FC-440B-9647-6D5E99C46AED", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31EAEF72-8B41-44E0-A33B-753AF85A3106"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F93C36C9-9E80-48B6-8025-0DA656B7AE0B", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5908438F-2575-46EB-AC96-5F33D018AFAC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15374104-A17C-44B4-801F-C81D3FB97527", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E587E31C-E9CA-4925-A2FE-22F46C5A3E81", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE82B624-BD88-4B43-A590-FF39D136A4D4", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC0626BD-AAE2-4853-AC96-8A3F2516A972", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60DD88D4-3DB3-473C-8613-AE425E7DF03C", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03B602E7-05E4-42F7-8850-2369F118D32C", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17BEBCAB-D640-4F6D-9579-4A54C76D80F8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "116A0913-61A8-41EA-89D1-AC46384254B8", "versionEndExcluding": "7.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFC6ACFD-8893-4EA3-976B-FAAF7240C5DB", "versionEndExcluding": "3.0.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3FDE92FB-38C7-46E8-9208-BBD7872219D5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_cp_1545-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D599BF67-DFBB-4107-ACD9-1231D12EC9B5", "versionEndExcluding": "1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_cp_1545-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C557DEBB-B71C-42E5-BBCE-0CFF3D10D700"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_rtu3010c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22BE5ED5-4690-4D60-AA95-915CC02266E2", "versionEndExcluding": "5.0.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_rtu3010c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2F32339C-D992-45F3-B975-D3E1118B881E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD88F06C-6E0F-463C-94E5-CB68601D728E", "versionEndExcluding": "5.0.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_rtu3030c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A66DD04-4C58-45D8-A8C5-6817B05DBA14"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBFBC62C-7F21-4312-B6BB-FC80894100BB", "versionEndExcluding": "5.0.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_rtu3031c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48F0595C-286F-4EB1-8C25-D20FB92A95A0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_rtu_3041c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74D4B0B4-6F7C-43CF-AFB8-6C53BA5C6577", "versionEndExcluding": "5.0.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_rtu_3041c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F30B6004-31BF-408A-B1C5-4A7937391F41"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinema_remote_connect:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5E4FE6-D2D5-40E4-A68C-6EA6AC7E1A3C", "versionEndExcluding": "3.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43CDCCE3-B8C0-44D4-A8A0-25C49A4EA240", "versionEndExcluding": "3.0.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D7AB0D5-FD3E-416A-975B-D212B3350433"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5722E753-75DE-4944-A11B-556CB299B57D", "versionEndExcluding": "8.2.12", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC0F9351-81A4-4FEA-B6B5-6E960A933D32", "versionEndExcluding": "9.0.6", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}