製品・ソフトウェアに関する情報

JVN脆弱性詳細

OpenSSL の heartbeat 拡張に情報漏えいの脆弱性

タイトル	OpenSSL の heartbeat 拡張に情報漏えいの脆弱性
概要	OpenSSL の heartbeat 拡張の実装には、情報漏えいの脆弱性が存在します。TLS や DTLS 通信において OpenSSL のコードを実行しているプロセスのメモリ内容が通信相手に漏えいする可能性があります。
想定される影響	遠隔の第三者によって、秘密鍵などの重要な情報を取得される可能性があります。
対策	[アップデートする] 開発者が提供する情報をもとに、最新版へアップデートしてください。
公表日	2014年4月7日0:00
登録日	2014年4月8日16:13
最終更新日	2015年12月22日15:48

CVSS2.0 : 警告
スコア	5
ベクター	AV:N/AC:L/Au:N/C:P/I:N/A:N

影響を受けるシステム

ヒューレット・パッカード

HP TippingPoint NGFW 1.0.1

HP TippingPoint NGFW 1.0.2

HP TippingPoint NGFW 1.0.3

HP TippingPoint NGFW 1.1.0_4127

OpenSSL Project

OpenSSL 1.0.1 から 1.0.1f まで

サイバートラスト株式会社

Asianux Server 4 for x86

Asianux Server 4 for x86_64

サイボウズ

サイボウズ Office 10.1.0 未満

サイボウズメールワイズ 5.1.4 未満

FreeBSD

FreeBSD 10.0

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-0160	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
National Vulnerability Database (NVD)
2	CVE-2014-0160	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	名前	URL
Apache Tomcat
1	Apache Tomcat - Apache Tomcat APR/native Connector vulnerabilities	http://tomcat.apache.org/security-native.html
2	Security/Heartbleed - Tomcat Wiki	http://wiki.apache.org/tomcat/Security/Heartbleed
Asianux Technical Support Network
3	ミラクル・リナックス株式会社の告知ページ	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=3566&sType=&sProduct=&published=1
BlackBerry Knowledge Base
4	BlackBerry response to OpenSSL “Heartbleed” vulnerability	http://www.blackberry.com/btsc/KB35882
Chef
5	Chef Server 11.0.12 Release	http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/
6	Chef Server Heartbleed (CVE-2014-0160) Releases	http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/
7	Enterprise Chef 1.4.9 Release	http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/
8	Enterprise Chef 11.1.3 Release	http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
Cisco Security Notice
9	cisco-sa-20140409-heartbleed	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
Cogent DataHub
10	Release Notes	http://cogentdatahub.com/ReleaseNotes.html
F-Secure
11	FSC-2014-1: Notice on OpenSSL 'Heartbleed' Vulnerability	http://www.f-secure.com/en/web/labs_global/fsc-2014-1
F5 Networks
12	SOL15159: OpenSSL vulnerability CVE-2014-0160	https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217
FileZilla
13	Version history	https://filezilla-project.org/versions.php?type=server
FreeBSD Security Advisory
14	OpenSSL multiple vulnerabilities	http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc
HP Security Bulletin
15	HPSBHF03136 SSRT101726	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04475466
16	HPSBHF03293 SSRT101846	http://h20566.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595951&lang=en&cc=us
17	HPSBMU02995 SSRT101499	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04236102
18	HPSBMU03009 SSRT101520	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04249113
19	HPSBMU03022 SSRT101527	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04263236
20	HPSBMU03024 SSRT101538	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04267749
21	HPSBMU03033 SSRT101550	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04272892
22	HPSBST03000 SSRT101513	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04260637
IBM Product Security Incident Response Blog
23	OpenSSL Heartbleed (CVE-2014-0160)	https://www-304.ibm.com/connections/blogs/PSIRT/entry/openssl_heartbleed_cve_2014_0160?lang=en_us
IBM Support Document
24	00001841	http://www-01.ibm.com/support/docview.wss?uid=isg400001841
25	00001843	http://www-01.ibm.com/support/docview.wss?uid=isg400001843
26	1670161	http://www-01.ibm.com/support/docview.wss?uid=swg21670161
27	1672507	http://www-01.ibm.com/support/docview.wss?uid=swg21672507
JVN
28	アライドテレシス株式会社からの情報	http://jvn.jp/vu/JVNVU94401838/522154/index.html
Kerio Control
29	Kerio Control Release History	http://www.kerio.com/support/kerio-control/release-history
NEC製品セキュリティ情報
30	AV14-001	http://jpn.nec.com/security-info/av14-001.html
OpenSSL Project
31	Add heartbeat extension bounds check.	http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3
32	OpenSSL Security Advisory [07 Apr 2014] - TLS heartbeat read overrun (CVE-2014-0160)	http://www.openssl.org/news/secadv_20140407.txt
Oracle
33	OpenSSL Security Bug - Heartbleed / CVE-2014-0160	http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html
34	Oracle Security Alert for CVE-2014-0160	http://www.oracle.com/technetwork/topics/security/alert-cve-2014-0160-2190703.html
Oracle Critical Patch Update
35	Oracle Critical Patch Update Advisory - July 2014	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Red Hat Bugzilla
36	Bug 1084875	https://bugzilla.redhat.com/show_bug.cgi?id=1084875
Red Hat Security Advisory
37	RHSA-2014:0376	http://rhn.redhat.com/errata/RHSA-2014-0376.html
38	RHSA-2014:0377	http://rhn.redhat.com/errata/RHSA-2014-0377.html
39	RHSA-2014:0378	http://rhn.redhat.com/errata/RHSA-2014-0378.html
40	RHSA-2014:0396	http://rhn.redhat.com/errata/RHSA-2014-0396.html
SECURITY BLOG
41	Multiple vulnerabilities in OpenSSL	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl5
Solution Center
42	Vulnerabilities resolved in TRITON APX Version 8.0	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
Splunk
43	Splunk 6.0.3 addresses two vulnerabilities - April 10, 2014	http://www.splunk.com/view/SP-CAAAMB3
TechNet Blogs (日本語版)
44	日本マイクロソフト株式会社の告知ページ	http://blogs.technet.com/b/jpsecurity/archive/2014/04/11/microsoft-services-unaffected-by-openssl-quot-heartbleed-quot-vulnerability.aspx
Unisys
45	UIS-2014-1	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1
46	UIS-2014-3	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3
VMware Security Advisories
47	VMSA-2014-0012	http://www.vmware.com/security/advisories/VMSA-2014-0012.html
サイボウズからのお知らせ
48	OpenSSLの脆弱性に伴う弊社製品への影響について	https://cs.cybozu.co.jp/2014/001064.html
サポート＆技術情報
49	株式会社インターネットイニシアティブの告知ページ	http://www.seil.jp/support/security/140409.html
シスコセキュリティアドバイザリ
50	cisco-sa-20140409-heartbleed	http://www.cisco.com/cisco/web/support/JP/112/1122/1122496_ERP-Heartbleed-j.html
トレンドマイクロ Q&Aページ
51	アラート/アドバイザリ: OpenSSL Heartbleed の脆弱性(CVE-2014-0160)について	http://esupport.trendmicro.com/solution/ja-jp/1103090.aspx
富士通セキュリティ情報
52	Systemwalker Desktop Patrol: OpenSSL の heartbeat 拡張に情報漏えいの脆弱性(CVE-2014-0160) (2014年5月8日)	http://software.fujitsu.com/jp/security/products-fujitsu/solution/systemwalker_dtp201401.html
53	TA14-098A	http://software.fujitsu.com/jp/security/vulnerabilities/ta14-098a.html
日立
54	HIRT-PUB14005：日立製品における OpenSSL 情報漏えいを許してしまう脆弱性(CVE-2014-0160) への対応について	http://www.hitachi.co.jp/hirt/publications/hirt-pub14005/index.html

その他

No	名前	URL
ICS-CERT ADVISORY
1	ICSA-14-105-02	http://ics-cert.us-cert.gov/advisories/ICSA-14-105-02A
2	ICSA-14-105-03	http://ics-cert.us-cert.gov/advisories/ICSA-14-105-03A
3	ICSA-14-114-01	http://ics-cert.us-cert.gov/advisories/ICSA-14-114-01
4	ICSA-14-126-01	http://ics-cert.us-cert.gov/advisories/ICSA-14-126-01
5	ICSA-14-128-01	http://ics-cert.us-cert.gov/advisories/ICSA-14-128-01
6	ICSA-14-135-02	http://ics-cert.us-cert.gov/advisories/ICSA-14-135-02
7	ICSA-14-135-04	http://ics-cert.us-cert.gov/advisories/ICSA-14-135-04
8	ICSA-14-135-05	http://ics-cert.us-cert.gov/advisories/ICSA-14-135-05
9	ICSA-15-344-01	https://ics-cert.us-cert.gov/advisories/ICSA-15-344-01
ICS-CERT ALERT
10	ICS-ALERT-14-099-01	https://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-099-01E
IPA 緊急対策情報
11	OpenSSL の脆弱性対策について(CVE-2014-0160)	http://www.ipa.go.jp/security/ciadr/vul/20140408-openssl.html
JPCERT 注意喚起
12	JPCERT-AT-2014-0013	http://www.jpcert.or.jp/at/2014/at140013.html
JVN
13	JVNTA#99041988	http://jvn.jp/ta/JVNTA99041988/
14	JVNVU#94401838	http://jvn.jp/vu/JVNVU94401838/index.html
US-CERT Technical Cyber Security Alert
15	TA14-098A	http://www.us-cert.gov/ncas/alerts/TA14-098A
16	TA15-119A	https://www.us-cert.gov/ncas/alerts/TA15-119A
US-CERT Vulnerability Note
17	VU#720951	http://www.kb.cert.org/vuls/id/720951
警察庁 @police
18	OpenSSL の脆弱性を標的としたアクセスの増加について	http://www.npa.go.jp/cyberpolice/detect/pdf/20140410.pdf
関連文書
19	IETF RFC6520	https://tools.ietf.org/html/rfc6520
20	Issue 85: CVE-2014-0160 fix needed	https://code.google.com/p/mod-spdy/issues/detail?id=85
21	MGASA-2014-0165	http://advisories.mageia.org/MGASA-2014-0165.html
22	NCSC-FI - FICORA #788210：NCSC-FI Advisory on OpenSSL	https://www.cert.fi/en/reports/2014/vulnerability788210.html
23	The Heartbleed Bug	http://heartbleed.com/
24	ビー・ユー・ジー森精機株式会社の告知ページ	http://www.cente.jp/article/release/483.html
25	株式会社アラタナの告知ページ	http://www.aratana.jp/security/detail.php?id=8

変更履歴

No	変更内容	変更日
0	[2014年04月08日] 掲載 [2014年04月09日] CWE による脆弱性タイプ一覧：CWE-ID を追加参考情報：IPA セキュリティセンター注意喚起 (OpenSSL の脆弱性対策について(CVE-2014-0160)) を追加参考情報：JPCERT 注意喚起 (JPCERT-AT-2014-0013) を追加 [2014年04月10日] 参考情報：US-CERT Technical Cyber Security Alert (TA14-098A) を追加参考情報：ICS-CERT ALERT (ICS-ALERT-14-099-01) を追加参考情報：関連文書 (NCSC-FI - FICORA #788210：NCSC-FI Advisory on OpenSSL) を追加 [2014年04月11日] 参考情報：OpenSSL の脆弱性対策について(CVE-2014-0160) を更新 [2014年04月14日] CVSS による深刻度：内容を更新参考情報：警察庁 @police (OpenSSL の脆弱性を標的としたアクセスの増加について) を追加 [2014年04月15日] 参考情報：ICS-CERT ALERT (ICS-ALERT-14-099-01B) を追加 [2014年04月23日] 影響を受けるシステム：ミラクル・リナックス (ミラクル・リナックス株式会社の告知ページ) の情報を追加影響を受けるシステム：FreeBSD (OpenSSL multiple vulnerabilities) の情報を追加影響を受けるシステム：オラクル (OpenSSL Security Bug - Heartbleed / CVE-2014-0160) の情報を追加影響を受けるシステム：IBM (1670161) の情報を追加ベンダ情報：トレンドマイクロ (アラート/アドバイザリ: OpenSSL Heartbleed の脆弱性(CVE-2014-0160)について) を追加ベンダ情報：ミラクル・リナックス (ミラクル・リナックス株式会社の告知ページ) を追加ベンダ情報：日立 (HIRT-PUB14005：日立製品における OpenSSL 情報漏えいを許してしまう脆弱性(CVE-2014-0160) への対応について) を追加ベンダ情報：マイクロソフト (日本マイクロソフト株式会社の告知ページ) を追加ベンダ情報：インターネットイニシアティブ (株式会社インターネットイニシアティブの告知ページ) を追加ベンダ情報：FreeBSD (OpenSSL multiple vulnerabilities) を追加ベンダ情報：オラクル (OpenSSL Security Bug - Heartbleed / CVE-2014-0160) を追加ベンダ情報：IBM (1670161) を追加ベンダ情報：BlackBerry (BlackBerry response to OpenSSL “Heartbleed” vulnerability) を追加ベンダ情報：Splunk (Splunk 6.0.3 addresses two vulnerabilities - April 10, 2014) を追加 [2014年04月24日] 影響を受けるシステム：内容を更新ベンダ情報：レッドハット (Bug 1084875) を追加ベンダ情報：レッドハット (RHSA-2014:0377) を追加ベンダ情報：レッドハット (RHSA-2014:0378) を追加ベンダ情報：レッドハット (RHSA-2014:0376) を追加ベンダ情報：レッドハット (RHSA-2014:0396) を追加ベンダ情報：シスコシステムズ (cisco-sa-20140409-heartbleed) を追加 [2014年04月25日] ベンダ情報：富士通 (TA14-098A) を追加 [2014年05月08日] 影響を受けるシステム：内容を更新ベンダ情報：Apache Software Foundation (Apache Tomcat - Apache Tomcat APR/native Connector vulnerabilities) を追加ベンダ情報：Apache Software Foundation (Security/Heartbleed - Tomcat Wiki) を追加ベンダ情報：アライドテレシス (アライドテレシス株式会社からの情報) を追加ベンダ情報：エフ・セキュア (FSC-2014-1: Notice on OpenSSL 'Heartbleed' Vulnerability) を追加ベンダ情報：ヒューレット・パッカード (HPSBMU02995 SSRT101499) を追加ベンダ情報：日本電気 (AV14-001) を追加ベンダ情報：Opscode (Enterprise Chef 11.1.3 Release) を追加ベンダ情報：Opscode (Enterprise Chef 1.4.9 Release) を追加ベンダ情報：Opscode (Chef Server Heartbleed (CVE-2014-0160) Releases) を追加ベンダ情報：Opscode (Chef Server 11.0.12 Release) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-105-03) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-105-02) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-114-01) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-126-01) を追加参考情報：ICS-CERT ALERT (ICS-ALERT-14-099-01) を更新参考情報：関連文書 (Issue 85: CVE-2014-0160 fix needed) を追加参考情報：関連文書 (ビー・ユー・ジー森精機株式会社の告知ページ) を追加 [2014年05月12日] ベンダ情報：富士通 (Systemwalker Desktop Patrol: OpenSSL の heartbeat 拡張に情報漏えいの脆弱性(CVE-2014-0160) (2014年5月8日)) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-128-01) を追加 [2014年05月20日] 参考情報：ICS-CERT ADVISORY (ICSA-14-135-02) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-135-04) を追加参考情報：ICS-CERT ADVISORY (ICSA-14-135-05) を追加 [2014年05月27日] ベンダ情報：Cogent Real-Time Systems Inc. (Release Notes5) を追加 [2014年05月30日] 影響を受けるシステム：内容を更新ベンダ情報：IBM (OpenSSL Heartbleed (CVE-2014-0160)) を追加 [2014年06月02日] ベンダ情報：オラクル (Oracle Security Alert for CVE-2014-0160) を追加 [2014年06月09日] ベンダ情報：ヒューレット・パッカード (HPSBMU03009 SSRT101520) を追加ベンダ情報：ヒューレット・パッカード (HPSBMU03022 SSRT101527) を追加ベンダ情報：ヒューレット・パッカード (HPSBMU03024 SSRT101538) を追加ベンダ情報：ヒューレット・パッカード (HPSBMU03033 SSRT101550) を追加参考情報：関連文書 (株式会社アラタナの告知ページ) を追加 [2014年07月14日] ベンダ情報：Kerio Technologies (Kerio Control Release History) を追加ベンダ情報：Unisys (UIS-2014-1) を追加ベンダ情報：Unisys (UIS-2014-3) を追加 [2014年07月25日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：IBM (00001841) を追加ベンダ情報：IBM (00001843) を追加ベンダ情報：オラクル (Oracle Critical Patch Update Advisory - July 2014) を追加ベンダ情報：ヒューレット・パッカード (HPSBST03000 SSRT101513) を追加参考情報：関連文書 (MGASA-2014-0165) を追加 [2014年08月07日] ベンダ情報：IBM (1672507) を追加ベンダ情報：FileZilla (Version history) を追加 [2014年08月11日] ベンダ情報：オラクル (Multiple vulnerabilities in OpenSSL) を追加 [2014年11月20日] ベンダ情報：F5 Networks (SOL15159: OpenSSL vulnerability CVE-2014-0160) を追加 [2014年11月28日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：ヒューレット・パッカード (HPSBHF03136 SSRT101726) を追加 [2015年03月18日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：サイボウズ (OpenSSLの脆弱性に伴う弊社製品への影響について) を追加 [2015年05月11日] ベンダ情報：VMware (VMSA-2014-0012) を追加ベンダ情報：ウェブセンス (Vulnerabilities resolved in TRITON APX Version 8.0 ) を追加ベンダ情報：ヒューレット・パッカード (HPSBHF03293 SSRT101846 ) を追加参考情報：JVN (JVNTA#99041988) を追加参考情報：US-CERT Technical Cyber Security Alert (TA15-119A) を追加 [2015年12月22日] 参考情報：ICS-CERT ADVISORY (ICSA-15-344-01) を追加	2018年2月17日10:37

NVD脆弱性情報

CVE-2014-0160

概要	The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
公表日	2014年4月8日7:55
登録日	2021年1月26日15:04
最終更新日	2024年11月21日11:01

影響を受けるソフトウェアの構成

構成1		以上	以下	より上	未満
cpe:2.3:a:openssl:openssl::::::::		1.0.1			1.0.1g

構成2		以上	以下	より上	未満
cpe:2.3:a:filezilla-project:filezilla_server::::::::					0.9.44

構成3		以上	以下	より上	未満
cpe:2.3:o:siemens:application_processing_engine_firmware:2.0:::::::*
実行環境
1	cpe:2.3:h:siemens:application_processing_engine:-:::::::*

構成4		以上	以下	より上	未満
cpe:2.3:o:siemens:cp_1543-1_firmware:1.1:::::::*
実行環境
1	cpe:2.3:h:siemens:cp_1543-1:-:::::::*

構成5		以上	以下	より上	未満
cpe:2.3:o:siemens:simatic_s7-1500_firmware:1.5:::::::*
実行環境
1	cpe:2.3:h:siemens:simatic_s7-1500:-:::::::*

構成6		以上	以下	より上	未満
cpe:2.3:o:siemens:simatic_s7-1500t_firmware:1.5:::::::*
実行環境
1	cpe:2.3:h:siemens:simatic_s7-1500t:-:::::::*

構成7	以上	以下	より上	未満
cpe:2.3:a:siemens:elan-8.2::::::::				8.3.3
cpe:2.3:a:siemens:wincc_open_architecture:3.12:::::::*

構成8		以上	以下	より上	未満
cpe:2.3:o:intellian:v100_firmware:1.20:::::::*
cpe:2.3:o:intellian:v100_firmware:1.21:::::::*
cpe:2.3:o:intellian:v100_firmware:1.24:::::::*
実行環境
1	cpe:2.3:h:intellian:v100:-:::::::*

構成9		以上	以下	より上	未満
cpe:2.3:o:intellian:v60_firmware:1.15:::::::*
cpe:2.3:o:intellian:v60_firmware:1.25:::::::*
実行環境
1	cpe:2.3:h:intellian:v60:-:::::::*

構成10	以上	以下	より上	未満
cpe:2.3:a:mitel:micollab:6.0:::::::*
cpe:2.3:a:mitel:micollab:7.0:::::::*
cpe:2.3:a:mitel:micollab:7.1:::::::*
cpe:2.3:a:mitel:micollab:7.2:::::::*
cpe:2.3:a:mitel:micollab:7.3.0.104:::::::*
cpe:2.3:a:mitel:micollab:7.3:::::::*
cpe:2.3:a:mitel:mivoice:1.1.3.3:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.2.0.11:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.3.2.2:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.4.0.102:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.1.2.5:::::lync::

構成11	以上	以下	より上	未満
cpe:2.3:o:opensuse:opensuse:12.3:::::::*
cpe:2.3:o:opensuse:opensuse:13.1:::::::*

構成12	以上	以下	より上	未満
cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

構成13	以上	以下	より上	未満
cpe:2.3:o:fedoraproject:fedora:20:::::::*
cpe:2.3:o:fedoraproject:fedora:19:::::::*

構成14	以上	以下	より上	未満
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:::::::*
cpe:2.3:a:redhat:storage:2.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:a:redhat:gluster_storage:2.1:::::::*
cpe:2.3:a:redhat:virtualization:6.0:::::::*

構成15	以上	以下	より上	未満
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:6.0:::::::*

構成16		以上	以下	より上	未満
cpe:2.3:o:ricon:s9922l_firmware:16.10.3\(3794\):::::::*
実行環境
1	cpe:2.3:h:ricon:s9922l:1.0:::::::*

構成17	以上	以下	より上	未満
cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.0:::::::*
cpe:2.3:a:broadcom:symantec_messaging_gateway:10.6.1:::::::*

構成18		以上	以下	より上	未満
cpe:2.3:a:splunk:splunk:::::enterprise:::*		6.0.0			6.0.3

関連情報、対策とツール

No	URL	タグ
1	http://advisories.mageia.org/MGASA-2014-0165.html	Third Party Advisory
2	http://advisories.mageia.org/MGASA-2014-0165.html	Third Party Advisory
3	http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/	Issue Tracking Third Party Advisory
4	http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/	Issue Tracking Third Party Advisory
5	http://cogentdatahub.com/ReleaseNotes.html	Release Notes
6	http://cogentdatahub.com/ReleaseNotes.html	Release Notes
7	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01	Broken Link
8	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01	Broken Link
9	http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3	Broken Link
10	http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3	Broken Link
11	http://heartbleed.com/	Third Party Advisory
12	http://heartbleed.com/	Third Party Advisory
13	http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html	Broken Link Third Party Advisory
14	http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html	Broken Link Third Party Advisory
15	http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html	Broken Link Third Party Advisory
16	http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html	Broken Link Third Party Advisory
17	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	Mailing List Third Party Advisory
18	http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html	Mailing List Third Party Advisory
19	http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html	Mailing List Third Party Advisory
20	http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html	Mailing List Third Party Advisory
21	http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html	Mailing List Third Party Advisory
22	http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html	Mailing List Third Party Advisory
23	http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html	Mailing List Third Party Advisory
24	http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html	Mailing List Third Party Advisory
25	http://marc.info/?l=bugtraq&m=139722163017074&w=2	Mailing List Third Party Advisory
26	http://marc.info/?l=bugtraq&m=139722163017074&w=2	Mailing List Third Party Advisory
27	http://marc.info/?l=bugtraq&m=139757726426985&w=2	Mailing List Third Party Advisory
28	http://marc.info/?l=bugtraq&m=139757726426985&w=2	Mailing List Third Party Advisory
29	http://marc.info/?l=bugtraq&m=139757819327350&w=2	Mailing List Third Party Advisory
30	http://marc.info/?l=bugtraq&m=139757819327350&w=2	Mailing List Third Party Advisory
31	http://marc.info/?l=bugtraq&m=139757919027752&w=2	Mailing List Third Party Advisory
32	http://marc.info/?l=bugtraq&m=139757919027752&w=2	Mailing List Third Party Advisory
33	http://marc.info/?l=bugtraq&m=139758572430452&w=2	Mailing List Third Party Advisory
34	http://marc.info/?l=bugtraq&m=139758572430452&w=2	Mailing List Third Party Advisory
35	http://marc.info/?l=bugtraq&m=139765756720506&w=2	Mailing List Third Party Advisory
36	http://marc.info/?l=bugtraq&m=139765756720506&w=2	Mailing List Third Party Advisory
37	http://marc.info/?l=bugtraq&m=139774054614965&w=2	Mailing List Third Party Advisory
38	http://marc.info/?l=bugtraq&m=139774054614965&w=2	Mailing List Third Party Advisory
39	http://marc.info/?l=bugtraq&m=139774703817488&w=2	Mailing List Third Party Advisory
40	http://marc.info/?l=bugtraq&m=139774703817488&w=2	Mailing List Third Party Advisory
41	http://marc.info/?l=bugtraq&m=139808058921905&w=2	Mailing List Third Party Advisory
42	http://marc.info/?l=bugtraq&m=139808058921905&w=2	Mailing List Third Party Advisory
43	http://marc.info/?l=bugtraq&m=139817685517037&w=2	Mailing List Third Party Advisory
44	http://marc.info/?l=bugtraq&m=139817685517037&w=2	Mailing List Third Party Advisory
45	http://marc.info/?l=bugtraq&m=139817727317190&w=2	Mailing List Third Party Advisory
46	http://marc.info/?l=bugtraq&m=139817727317190&w=2	Mailing List Third Party Advisory
47	http://marc.info/?l=bugtraq&m=139817782017443&w=2	Mailing List Third Party Advisory
48	http://marc.info/?l=bugtraq&m=139817782017443&w=2	Mailing List Third Party Advisory
49	http://marc.info/?l=bugtraq&m=139824923705461&w=2	Mailing List Third Party Advisory
50	http://marc.info/?l=bugtraq&m=139824923705461&w=2	Mailing List Third Party Advisory
51	http://marc.info/?l=bugtraq&m=139824993005633&w=2	Mailing List Third Party Advisory
52	http://marc.info/?l=bugtraq&m=139824993005633&w=2	Mailing List Third Party Advisory
53	http://marc.info/?l=bugtraq&m=139833395230364&w=2	Mailing List Third Party Advisory
54	http://marc.info/?l=bugtraq&m=139833395230364&w=2	Mailing List Third Party Advisory
55	http://marc.info/?l=bugtraq&m=139835815211508&w=2	Mailing List Third Party Advisory
56	http://marc.info/?l=bugtraq&m=139835815211508&w=2	Mailing List Third Party Advisory
57	http://marc.info/?l=bugtraq&m=139835844111589&w=2	Mailing List Third Party Advisory
58	http://marc.info/?l=bugtraq&m=139835844111589&w=2	Mailing List Third Party Advisory
59	http://marc.info/?l=bugtraq&m=139836085512508&w=2	Mailing List Third Party Advisory
60	http://marc.info/?l=bugtraq&m=139836085512508&w=2	Mailing List Third Party Advisory
61	http://marc.info/?l=bugtraq&m=139842151128341&w=2	Mailing List Third Party Advisory
62	http://marc.info/?l=bugtraq&m=139842151128341&w=2	Mailing List Third Party Advisory
63	http://marc.info/?l=bugtraq&m=139843768401936&w=2	Mailing List Third Party Advisory
64	http://marc.info/?l=bugtraq&m=139843768401936&w=2	Mailing List Third Party Advisory
65	http://marc.info/?l=bugtraq&m=139869720529462&w=2	Mailing List Third Party Advisory
66	http://marc.info/?l=bugtraq&m=139869720529462&w=2	Mailing List Third Party Advisory
67	http://marc.info/?l=bugtraq&m=139869891830365&w=2	Mailing List Third Party Advisory
68	http://marc.info/?l=bugtraq&m=139869891830365&w=2	Mailing List Third Party Advisory
69	http://marc.info/?l=bugtraq&m=139889113431619&w=2	Mailing List Third Party Advisory
70	http://marc.info/?l=bugtraq&m=139889113431619&w=2	Mailing List Third Party Advisory
71	http://marc.info/?l=bugtraq&m=139889295732144&w=2	Mailing List Third Party Advisory
72	http://marc.info/?l=bugtraq&m=139889295732144&w=2	Mailing List Third Party Advisory
73	http://marc.info/?l=bugtraq&m=139905202427693&w=2	Mailing List Third Party Advisory
74	http://marc.info/?l=bugtraq&m=139905202427693&w=2	Mailing List Third Party Advisory
75	http://marc.info/?l=bugtraq&m=139905243827825&w=2	Mailing List Third Party Advisory
76	http://marc.info/?l=bugtraq&m=139905243827825&w=2	Mailing List Third Party Advisory
77	http://marc.info/?l=bugtraq&m=139905295427946&w=2	Mailing List Third Party Advisory
78	http://marc.info/?l=bugtraq&m=139905295427946&w=2	Mailing List Third Party Advisory
79	http://marc.info/?l=bugtraq&m=139905351928096&w=2	Mailing List Third Party Advisory
80	http://marc.info/?l=bugtraq&m=139905351928096&w=2	Mailing List Third Party Advisory
81	http://marc.info/?l=bugtraq&m=139905405728262&w=2	Mailing List Third Party Advisory
82	http://marc.info/?l=bugtraq&m=139905405728262&w=2	Mailing List Third Party Advisory
83	http://marc.info/?l=bugtraq&m=139905458328378&w=2	Mailing List Third Party Advisory
84	http://marc.info/?l=bugtraq&m=139905458328378&w=2	Mailing List Third Party Advisory
85	http://marc.info/?l=bugtraq&m=139905653828999&w=2	Mailing List Third Party Advisory
86	http://marc.info/?l=bugtraq&m=139905653828999&w=2	Mailing List Third Party Advisory
87	http://marc.info/?l=bugtraq&m=139905868529690&w=2	Mailing List Third Party Advisory
88	http://marc.info/?l=bugtraq&m=139905868529690&w=2	Mailing List Third Party Advisory
89	http://marc.info/?l=bugtraq&m=140015787404650&w=2	Mailing List Third Party Advisory
90	http://marc.info/?l=bugtraq&m=140015787404650&w=2	Mailing List Third Party Advisory
91	http://marc.info/?l=bugtraq&m=140075368411126&w=2	Mailing List Third Party Advisory
92	http://marc.info/?l=bugtraq&m=140075368411126&w=2	Mailing List Third Party Advisory
93	http://marc.info/?l=bugtraq&m=140724451518351&w=2	Mailing List Third Party Advisory
94	http://marc.info/?l=bugtraq&m=140724451518351&w=2	Mailing List Third Party Advisory
95	http://marc.info/?l=bugtraq&m=140752315422991&w=2	Mailing List Third Party Advisory
96	http://marc.info/?l=bugtraq&m=140752315422991&w=2	Mailing List Third Party Advisory
97	http://marc.info/?l=bugtraq&m=141287864628122&w=2	Mailing List Third Party Advisory
98	http://marc.info/?l=bugtraq&m=141287864628122&w=2	Mailing List Third Party Advisory
99	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
100	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
101	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
102	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Mailing List Third Party Advisory
103	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1	Third Party Advisory
104	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1	Third Party Advisory
105	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3	Permissions Required Third Party Advisory
106	http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3	Permissions Required Third Party Advisory
107	http://rhn.redhat.com/errata/RHSA-2014-0376.html	Third Party Advisory
108	http://rhn.redhat.com/errata/RHSA-2014-0376.html	Third Party Advisory
109	http://rhn.redhat.com/errata/RHSA-2014-0377.html	Third Party Advisory
110	http://rhn.redhat.com/errata/RHSA-2014-0377.html	Third Party Advisory
111	http://rhn.redhat.com/errata/RHSA-2014-0378.html	Third Party Advisory
112	http://rhn.redhat.com/errata/RHSA-2014-0378.html	Third Party Advisory
113	http://rhn.redhat.com/errata/RHSA-2014-0396.html	Third Party Advisory
114	http://rhn.redhat.com/errata/RHSA-2014-0396.html	Third Party Advisory
115	http://seclists.org/fulldisclosure/2014/Apr/109	Mailing List Third Party Advisory
116	http://seclists.org/fulldisclosure/2014/Apr/109	Mailing List Third Party Advisory
117	http://seclists.org/fulldisclosure/2014/Apr/173	Mailing List Third Party Advisory
118	http://seclists.org/fulldisclosure/2014/Apr/173	Mailing List Third Party Advisory
119	http://seclists.org/fulldisclosure/2014/Apr/190	Mailing List Third Party Advisory
120	http://seclists.org/fulldisclosure/2014/Apr/190	Mailing List Third Party Advisory
121	http://seclists.org/fulldisclosure/2014/Apr/90	Mailing List Third Party Advisory
122	http://seclists.org/fulldisclosure/2014/Apr/90	Mailing List Third Party Advisory
123	http://seclists.org/fulldisclosure/2014/Apr/91	Mailing List Third Party Advisory
124	http://seclists.org/fulldisclosure/2014/Apr/91	Mailing List Third Party Advisory
125	http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
126	http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
127	http://secunia.com/advisories/57347	Broken Link Third Party Advisory
128	http://secunia.com/advisories/57347	Broken Link Third Party Advisory
129	http://secunia.com/advisories/57483	Broken Link Third Party Advisory
130	http://secunia.com/advisories/57483	Broken Link Third Party Advisory
131	http://secunia.com/advisories/57721	Broken Link Third Party Advisory
132	http://secunia.com/advisories/57721	Broken Link Third Party Advisory
133	http://secunia.com/advisories/57836	Broken Link Third Party Advisory
134	http://secunia.com/advisories/57836	Broken Link Third Party Advisory
135	http://secunia.com/advisories/57966	Broken Link Third Party Advisory
136	http://secunia.com/advisories/57966	Broken Link Third Party Advisory
137	http://secunia.com/advisories/57968	Broken Link Third Party Advisory
138	http://secunia.com/advisories/57968	Broken Link Third Party Advisory
139	http://secunia.com/advisories/59139	Broken Link Third Party Advisory
140	http://secunia.com/advisories/59139	Broken Link Third Party Advisory
141	http://secunia.com/advisories/59243	Broken Link Third Party Advisory
142	http://secunia.com/advisories/59243	Broken Link Third Party Advisory
143	http://secunia.com/advisories/59347	Broken Link Third Party Advisory
144	http://secunia.com/advisories/59347	Broken Link Third Party Advisory
145	http://support.citrix.com/article/CTX140605	Third Party Advisory
146	http://support.citrix.com/article/CTX140605	Third Party Advisory
147	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed	Third Party Advisory
148	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed	Third Party Advisory
149	http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf	Broken Link Third Party Advisory
150	http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf	Broken Link Third Party Advisory
151	http://www.blackberry.com/btsc/KB35882	Broken Link
152	http://www.blackberry.com/btsc/KB35882	Broken Link
153	http://www.debian.org/security/2014/dsa-2896	Mailing List Third Party Advisory
154	http://www.debian.org/security/2014/dsa-2896	Mailing List Third Party Advisory
155	http://www.exploit-db.com/exploits/32745	Exploit Third Party Advisory VDB Entry
156	http://www.exploit-db.com/exploits/32745	Exploit Third Party Advisory VDB Entry
157	http://www.exploit-db.com/exploits/32764	Exploit Third Party Advisory VDB Entry
158	http://www.exploit-db.com/exploits/32764	Exploit Third Party Advisory VDB Entry
159	http://www.f-secure.com/en/web/labs_global/fsc-2014-1	Broken Link Third Party Advisory
160	http://www.f-secure.com/en/web/labs_global/fsc-2014-1	Broken Link Third Party Advisory
161	http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/	Release Notes
162	http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/	Release Notes
163	http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/	Third Party Advisory
164	http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/	Third Party Advisory
165	http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/	Release Notes
166	http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/	Release Notes
167	http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/	Release Notes
168	http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/	Release Notes
169	http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	Not Applicable
170	http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf	Not Applicable
171	http://www.kb.cert.org/vuls/id/720951	Third Party Advisory US Government Resource
172	http://www.kb.cert.org/vuls/id/720951	Third Party Advisory US Government Resource
173	http://www.kerio.com/support/kerio-control/release-history	Broken Link Third Party Advisory
174	http://www.kerio.com/support/kerio-control/release-history	Broken Link Third Party Advisory
175	http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	Broken Link Third Party Advisory
176	http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	Broken Link Third Party Advisory
177	http://www.openssl.org/news/secadv_20140407.txt	Broken Link Vendor Advisory
178	http://www.openssl.org/news/secadv_20140407.txt	Broken Link Vendor Advisory
179	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Patch Third Party Advisory
180	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Patch Third Party Advisory
181	http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html	Patch Third Party Advisory
182	http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html	Patch Third Party Advisory
183	http://www.securityfocus.com/archive/1/534161/100/0/threaded	Broken Link Not Applicable Third Party Advisory VDB Entry
184	http://www.securityfocus.com/archive/1/534161/100/0/threaded	Broken Link Not Applicable Third Party Advisory VDB Entry
185	http://www.securityfocus.com/bid/66690	Broken Link Third Party Advisory VDB Entry
186	http://www.securityfocus.com/bid/66690	Broken Link Third Party Advisory VDB Entry
187	http://www.securitytracker.com/id/1030026	Broken Link Third Party Advisory VDB Entry
188	http://www.securitytracker.com/id/1030026	Broken Link Third Party Advisory VDB Entry
189	http://www.securitytracker.com/id/1030074	Broken Link Third Party Advisory VDB Entry
190	http://www.securitytracker.com/id/1030074	Broken Link Third Party Advisory VDB Entry
191	http://www.securitytracker.com/id/1030077	Broken Link Third Party Advisory VDB Entry
192	http://www.securitytracker.com/id/1030077	Broken Link Third Party Advisory VDB Entry
193	http://www.securitytracker.com/id/1030078	Broken Link Third Party Advisory VDB Entry
194	http://www.securitytracker.com/id/1030078	Broken Link Third Party Advisory VDB Entry
195	http://www.securitytracker.com/id/1030079	Broken Link Third Party Advisory VDB Entry
196	http://www.securitytracker.com/id/1030079	Broken Link Third Party Advisory VDB Entry
197	http://www.securitytracker.com/id/1030080	Broken Link Third Party Advisory VDB Entry
198	http://www.securitytracker.com/id/1030080	Broken Link Third Party Advisory VDB Entry
199	http://www.securitytracker.com/id/1030081	Broken Link Third Party Advisory VDB Entry
200	http://www.securitytracker.com/id/1030081	Broken Link Third Party Advisory VDB Entry
201	http://www.securitytracker.com/id/1030082	Broken Link Third Party Advisory VDB Entry
202	http://www.securitytracker.com/id/1030082	Broken Link Third Party Advisory VDB Entry
203	http://www.splunk.com/view/SP-CAAAMB3	Third Party Advisory
204	http://www.splunk.com/view/SP-CAAAMB3	Third Party Advisory
205	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00	Third Party Advisory
206	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00	Third Party Advisory
207	http://www.ubuntu.com/usn/USN-2165-1	Third Party Advisory
208	http://www.ubuntu.com/usn/USN-2165-1	Third Party Advisory
209	http://www.us-cert.gov/ncas/alerts/TA14-098A	Third Party Advisory US Government Resource
210	http://www.us-cert.gov/ncas/alerts/TA14-098A	Third Party Advisory US Government Resource
211	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Broken Link
212	http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Broken Link
213	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link
214	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	Broken Link
215	http://www-01.ibm.com/support/docview.wss?uid=isg400001841	Third Party Advisory
216	http://www-01.ibm.com/support/docview.wss?uid=isg400001841	Third Party Advisory
217	http://www-01.ibm.com/support/docview.wss?uid=isg400001843	Third Party Advisory
218	http://www-01.ibm.com/support/docview.wss?uid=isg400001843	Third Party Advisory
219	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661	Third Party Advisory
220	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661	Third Party Advisory
221	http://www-01.ibm.com/support/docview.wss?uid=swg21670161	Broken Link
222	http://www-01.ibm.com/support/docview.wss?uid=swg21670161	Broken Link
223	https://blog.torproject.org/blog/openssl-bug-cve-2014-0160	Issue Tracking
224	https://blog.torproject.org/blog/openssl-bug-cve-2014-0160	Issue Tracking
225	https://bugzilla.redhat.com/show_bug.cgi?id=1084875	Issue Tracking Third Party Advisory
226	https://bugzilla.redhat.com/show_bug.cgi?id=1084875	Issue Tracking Third Party Advisory
227	https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf	Third Party Advisory
228	https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf	Third Party Advisory
229	https://code.google.com/p/mod-spdy/issues/detail?id=85	Issue Tracking
230	https://code.google.com/p/mod-spdy/issues/detail?id=85	Issue Tracking
231	https://filezilla-project.org/versions.php?type=server	Release Notes
232	https://filezilla-project.org/versions.php?type=server	Release Notes
233	https://gist.github.com/chapmajs/10473815	Exploit
234	https://gist.github.com/chapmajs/10473815	Exploit
235	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken	Broken Link
236	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken	Broken Link
237	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
238	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
239	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
240	https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
241	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
242	https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
243	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
244	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	Mailing List Patch Third Party Advisory
245	https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html	Mailing List Third Party Advisory
246	https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html	Mailing List Third Party Advisory
247	https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html	Exploit Permissions Required Third Party Advisory
248	https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html	Exploit Permissions Required Third Party Advisory
249	https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html	Third Party Advisory
250	https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html	Third Party Advisory
251	https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217	Third Party Advisory
252	https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217	Third Party Advisory
253	https://www.cert.fi/en/reports/2014/vulnerability788210.html	Not Applicable Third Party Advisory
254	https://www.cert.fi/en/reports/2014/vulnerability788210.html	Not Applicable Third Party Advisory
255	https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory
256	https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory
257	https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd	Broken Link Exploit Third Party Advisory
258	https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd	Broken Link Exploit Third Party Advisory

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-125	境界外読み取り	https://cwe.mitre.org/data/definitions/125.html

構成10	以上	以下	より上	未満
cpe:2.3:a:mitel:micollab:6.0:::::::*
cpe:2.3:a:mitel:micollab:7.0:::::::*
cpe:2.3:a:mitel:micollab:7.1:::::::*
cpe:2.3:a:mitel:micollab:7.2:::::::*
cpe:2.3:a:mitel:micollab:7.3.0.104:::::::*
cpe:2.3:a:mitel:micollab:7.3:::::::*
cpe:2.3:a:mitel:mivoice:1.1.3.3:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.2.0.11:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.3.2.2:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.4.0.102:::::skype_for_business::
cpe:2.3:a:mitel:mivoice:1.1.2.5:::::lync::

構成14	以上	以下	より上	未満
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:::::::*
cpe:2.3:a:redhat:storage:2.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:a:redhat:gluster_storage:2.1:::::::*
cpe:2.3:a:redhat:virtualization:6.0:::::::*