{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/794340#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\n\r\nTwo buffer overflow vulnerabilities were discovered in OpenSSL versions 3.0.0 through 3.0.6. These vulnerabilities were introduced in version 3.0.0 with the inclusion of support for punycode email address parsing for X.509 certificates.   OpenSSL's assessment of the severity of the vulnerabilities has [reduced from CRITICAL to HIGH](https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/), and OpenSSL 3.0.7 addresses the issues.\r\n\r\n### Description\r\n\r\nTwo buffer overflows have been reported in the OpenSSL 3.0.x branch prior to version 3.0.7 that, when exploited, may lead to denial of services or, in some cases, remote code execution in the vulnerable target environment. OpenSSL client and server implementations that use the vulnerable libraries are affected.  The server implementation also requires that [TLS client authentication](https://www.rfc-editor.org/rfc/rfc4346#appendix-F.1.1) is enabled in order to attack, and potentially exploit, a vulnerable target.   [OpenSSL provides details:](https://gist.github.com/FiloSottile/611fc3fa95c3aceebf2580983f76148c) \r\n\r\n\r\n```\r\n* Fixed two buffer overflows in punycode decoding functions.\r\n\r\n   A buffer overrun can be triggered in X.509 certificate verification,\r\n   specifically in name constraint checking. Note that this occurs after\r\n   certificate chain signature verification and requires either a CA to\r\n   have signed the malicious certificate or for the application to continue\r\n   certificate verification despite failure to construct a path to a trusted\r\n   issuer.\r\n\r\n   In a TLS client, this can be triggered by connecting to a malicious\r\n   server.  In a TLS server, this can be triggered if the server requests\r\n   client authentication and a malicious client connects.\r\n\r\n   An attacker can craft a malicious email address to overflow\r\n   an arbitrary number of bytes containing the `.`  character (decimal 46)\r\n   on the stack.  This buffer overflow could result in a crash (causing a\r\n   denial of service).\r\n   ([CVE-2022-3786])\r\n\r\n   An attacker can craft a malicious email address to overflow four\r\n   attacker-controlled bytes on the stack.  This buffer overflow could\r\n   result in a crash (causing a denial of service) or potentially remote code\r\n   execution depending on stack layout for any given platform/compiler.\r\n   ([CVE-2022-3602])\r\n```\r\n\r\nOpenSSL versions 1.1.1 and 1.0.2 are not affected.\r\n\r\nCERT/CC is unaware of any exploitation of this vulnerability at this time.\r\n\r\n### Impact\r\nSuccessful exploitation could lead to denial of service or remote execution of arbitrary code in the target environment.\r\n\r\n### Solution\r\nAny services depending on versions of OpenSSL 3.0.x prior to OpenSSL 3.0.7 should be upgraded to version 3.0.7 or later.  Operators may also consider temporarily disabling TLS client authentication until applying an update.\r\n\r\n### Acknowledgements\r\nThanks to OpenSSL for coordinating and remediating the vulnerability. Polar Bear is credited as having discovered CVE-2022-3602. Viktor Dukhovni is reported as the source of CVE-2022-3786.\r\n\r\nThis document was written by Kevin Stephens, Eric Hatleback, Vijay Sarvepalli, and Jeffrey S. Havrilla.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"As FreeRADIUS uses OpenSSL along with TLS-based EAP methods, and RADIUS/TLS, we are likely affected by this issue.  \r\n\r\nSites which are not using RADIUS/TLS and are not using TLS-based EAP methods (EAP-TLS, TTLS, PEAP) are not affected.  We still recommend upgrading OpenSSL to a non-vulnerable version.\r\n\r\nFreeRADIUS version 3.0.26 and later added support for OpenSSL 3.  Any site which has built the server with OpenSSL 3 is likely affected.  Some vendors of OS distributions may have patched earlier versions of FreeRADIUS to support OpenSSL 3.  We suggest asking those vendors for updates.\r\n\r\nVersions of FreeRADIUS which are built against OpenSSL 1.x are not affected by this issue.\r\n\r\nWe suggest sites using OpenSSL 3 upgrade to OpenSSL 3.0.7 as soon as it is available.  There is no need to upgrade FreeRADIUS.","title":"Vendor statment from FreeRADIUS"},{"category":"other","text":"Navis does not uses the affected versions of OpenSSL in our environment","title":"Vendor statment from Navis"},{"category":"other","text":"No WAGO automation products are affected","title":"Vendor statment from Wago"},{"category":"other","text":"We do not use affected OpenSSL versions in our products.","title":"Vendor statment from ETIC Telecom"},{"category":"other","text":"MikroTik is not affected by the mentioned vulnerabilities.\r\n\r\nRouterOS v7 uses our own TLS implementation, RouterOS v6 uses 1.0.2u. RouterOS validates both sides of certificates as well, it is not affected.","title":"Vendor statment from MikroTik"},{"category":"other","text":"OpenSSL is not used in any of our products.","title":"Vendor statment from HitmanPro"},{"category":"other","text":"NI products do not include a vulnerable version of OpenSSL 3.x.","title":"Vendor statment from National Instruments (NI)"},{"category":"other","text":"We do not use the affected versions.","title":"Vendor statment from Red Lion Controls"},{"category":"other","text":"We do not ship (affected) OpenSSL libraries as part of our products.","title":"Vendor statment from Applied Informatics GmbH"},{"category":"other","text":"We are not affected.  Our products do not use openssl publicly.","title":"Vendor statment from Efiia"},{"category":"other","text":"Advantech ICR-xxxx devices are not using OpenSSL 3.x.","title":"Vendor statment from Advantech Czech"},{"category":"other","text":"Puppet's products are not using v3 of OpenSSL and are not vulnerable.","title":"Vendor statment from Puppet"},{"category":"other","text":"https://support2.windriver.com/index.php?page=security-notices&on=view&id=7916","title":"Vendor statment from Wind River"},{"category":"other","text":"OpenSSL 3.0 is not identified as used in our released products.","title":"Vendor statment from Atos SE"},{"category":"other","text":"Retired usage of OpenSSL and have not shipped v3.0.0 onwards.","title":"Vendor statment from eCosCentric"},{"category":"other","text":"No versions of the Reference Implementation of NTP from the NTP Project , www.ntp.org (hosted by Network Time Foundation, www.nwtime.org) have been released that use OpenSSL 3.0.0 thru 3.0.6.","title":"Vendor statment from NTP Project"},{"category":"other","text":"The vulnerabilities are in X.509 certificate verification which is a part of OpenSSL that is not used by Lasso.","title":"Vendor statment from Entr'ouvert"},{"category":"other","text":"Zscaler cloud components are not impacted by this vulnerability.","title":"Vendor statment from Zscaler"},{"category":"other","text":"Not using openssl","title":"Vendor statment from lsh"},{"category":"other","text":"All models of QNAP NAS are not affected.","title":"Vendor statment from QNAP"},{"category":"other","text":"Pragma Systems products do not use the openssl library.","title":"Vendor statment from Pragma Systems"},{"category":"other","text":"@Vijay We have not received a private announcement either.","title":"Vendor statment from Fuji Electric and Hakko Electric"},{"category":"other","text":"The Rust toolchain dynamically links to OpenSSL, so there is no need for a separate update other than updating the operative system's OpenSSL.","title":"Vendor statment from Rust Security Response WG"},{"category":"other","text":"All supported OpenWrt versions including master are using OpenSSL 1.1.1q which is not affected by this vulnerability.","title":"Vendor statment from OpenWRT"},{"category":"other","text":"Current gdnsd releases do not use OpenSSL.  Future, unreleased braches use OpenSSL libcrypto, but only","title":"Vendor statment from gdnsd"},{"category":"other","text":"While the BSCW groupware system is not directly affected, the potential vulnerability of the third-party software and services used (e.g. Apache HTTP, nginx, LDAP, SMTP) must be taken into account.","title":"Vendor statment from OrbiTeam Software GmbH"},{"category":"other","text":"On November 01, 2022, DNSFilter conducted a thorough investigation into these vulnerabilities: OpenSSL from version 3.0.0 before version 3.0.7. DNSFilter can confirm that their products, DNSFilter, Webshrinker, and GuardianApp are unaffected by these vulnerabilities.","title":"Vendor statment from DNSFilter"},{"category":"other","text":"Samba does not use OpenSSL in a server-side capacity.  Use is limited to client-side connection to pre-configured trusted LDAP servers for our password DB, and that is via OpenLDAP and subject to the choice of library there in any case.","title":"Vendor statment from Samba"},{"category":"other","text":"Muonics does not use OpenSSL in any of its products and is thus not vulnerable.","title":"Vendor statment from Muonics Inc."},{"category":"other","text":"**Solr's SSL support is provided by Java, which isn't OpenSSL based.\r\n**\r\n\r\nThere is a Docker image for Solr 9 & Solr 8, and thus are layered above operating system base layers that include OpenSSL, albeit unused.  For both, OpenSSL 1.1.1 is included, which is not vulnerable.  However some users may need to re-pull published images, as some recent releases did include vulnerable openssl.  Still; it's unused.  Docker Inc arranges for base operating system layers to be patched.","title":"Vendor statment from Apache Solr"},{"category":"other","text":"Juniper Networks has published Juniper Security Advisory JSA69999 regarding the recent pair of HIGH severity OpenSSL vulnerabilities announced by the OpenSSL project team.","title":"Vendor statment from Juniper Networks"},{"category":"other","text":"HardenedBSD provides OpenSSL in the ports tree as the security/openssl-devel port. Users of security/openssl-devel will need to update appropriately. The version of OpenSSL in the base operating system (1.1.1q) is unaffected.","title":"Vendor statment from HardenedBSD"},{"category":"other","text":"Not using openssl","title":"Vendor statment from Nettle"},{"category":"other","text":"Barracuda Networks has completed patching for all our products affected by the CVEs: CVE-2022-3602 and CVE-2022-3786.","title":"Vendor statment from Barracuda Networks"},{"category":"other","text":"B. Braun's first analysis determined that NONE of our connected devices and health IT software:","title":"Vendor statment from B. Braun"},{"category":"other","text":"We have checked our products. According to our findings none of our baramundi products is vulnerable to the mentioned OpenSSL vulnerabilities.","title":"Vendor statment from Baramundi Software"},{"category":"other","text":"Keysight has assessed our product portfolio and has determined that none of our products are exploitable by these CVEs.","title":"Vendor statment from Keysight Technologies"},{"category":"other","text":"Only Red Hat Enterprise Linux version 9 is affected by this vulnerability.\r\nRed Hat Enterprise Linux 8 and below are not affected, because are based on OpenSSL version 1, which is not affected by this issue.","title":"Vendor statment from Red Hat"},{"category":"other","text":"There are no RTI products currently using OpenSSL 3.x, hence no RTI products affected by this issue.","title":"Vendor statment from Real-Time Innovations (RTI)"},{"category":"other","text":"OpenSSL 1.1.1 (LTS) is used exclusively for all Macrium public releases. Therefore, there is no exposure to either CVE-2022-3602 or CVE-2022-3786.","title":"Vendor statment from Macrium"},{"category":"other","text":"Allegro products are engineered from ground up from standards-based specifications with no open source or GPL code.  We confirm that all Allegro products are not affected and do not utilize OpenSSL, portion of OpenSSL, or any derivatives.","title":"Vendor statment from Allegro Software Development Corporation"},{"category":"other","text":"WinSCP uses OpenSSL 1.1.1 (not the affected 3.0)","title":"Vendor statment from WinSCP"},{"category":"other","text":"These OpenSSL issues affected Ubuntu 22.04 LTS and Ubuntu 22.10; older Ubuntu releases are not affected. Updates that address the issues have been published.","title":"Vendor statment from Ubuntu"},{"category":"other","text":"Phoenix is not running OpenSSL 3.x in its core products and is therefore Not Affected. We continue to evaluate our full range of products to insure none are effected.","title":"Vendor statment from Phoenix Technologies"},{"category":"other","text":"These vulnerabilities only exists in the v10.97.2 version of the ICONICS Suite product, and are only a threat if the BACnet/SC communications is being used.  BACnet/SC was a new optional feature in the v10.97.2 release, not enabled by default, and provided as a \"Beta\" version within the release.  These vulnerabilities are addressed in the Critical Fixes Rollup 1 release for the v10.97.2 version of the ICONICS Suite product.","title":"Vendor statment from Iconics Inc."},{"category":"other","text":"Only Crestron's UC Engine was vulnerable. \r\n\r\nThis vulnerability affects the UC-Engine product line starting with version 1.00.22.766. The issue is resolved 1.00.22.784.\r\n\r\nSee https://www.crestron.com/Security/Security_Advisories for details.","title":"Vendor statment from Crestron Electronics"},{"category":"other","text":"No currently supported branches of FreeBSD are using OpenSSL 3.0.","title":"Vendor statment from FreeBSD"},{"category":"other","text":"Triton Data Center is build on top of SmartOS, which ships a platform-use-only version of OpenSSL 3.0.x.  3.0.7 will be rolling out with this week's biweekly platform release: 20221103.  We recommend ALL SmartOS users update their platform image to 20221103 to cover this.  (E.g. curl crashing due to a malicious server's certificates is the most obviously affected piece of SmartOS.)\r\n\r\nSmartOS native zones use pkgsrc, and pkgsrc does not yet distribution OpenSSL 3, so native zones that build their own software are not affected by this.  SmartOS (and Triton) HVMs will need to check their guest OS for OpenSSL 3 usage and status.","title":"Vendor statment from Triton Data Center"},{"category":"other","text":"QPR Software products not impacted by the OpenSSL 3.0.X vulnerabilities\r\n\r\nThe OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3678 in the OpenSSL 3.0.X library were reported on November 1, 2022. This library is widely used across various systems around the world. We would like to inform that none of the QPR software solutions (including QPR ProcessAnalyzer, QPR ProcessDesigner, QPR EnterpriseArchitect, QPR Metrics, QPR UI and QPR BusinessPortal) utilize the OpenSSL library 3.0.X in any part of the software and are therefore not vulnerable to the OpenSSL 3.0.X exploits.","title":"Vendor statment from QPR Software"},{"category":"other","text":"Fujitsu is aware of the vulnerabilities in OpenSSL.\r\n\r\nThe affection state of Fujitsu products is under investigation.\r\nFujitsu ServerView Suite Installation Manager will receive an update with version 14.23.02.\r\nFujitsu ServerView Suite Integration - VMware vCenter will receive an update with version 4.3.5.\r\nFujitsu BS2000 SE V6.4A (incl. SP1-SP3) will receive an update with version SE V6.4A SP4.\r\n\r\nThe Fujitsu PSIRT released PSIRT-IS-2022-103119 on https://security.ts.fujitsu.com (Security Notices) accordingly.\r\n\r\nIn case of questions regarding this Fujitsu PSIRT Security Notice, please contact the Fujitsu PSIRT (Fujitsu-PSIRT@ts.fujitsu.com).","title":"Vendor statment from Fujitsu Europe"},{"category":"other","text":"Citrix is aware of the vulnerabilities (CVE-2022-3602, CVE-2022-3786) that impact OpenSSL versions 3.0.0 to 3.0.6. \r\n \r\nCitrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action.","title":"Vendor statment from Citrix"},{"category":"other","text":"Not Affected","title":"Vendor statment from Brocade Communication Systems"},{"category":"other","text":"Affected versions of OpenSSL are not used in our products.","title":"Vendor statment from Silicon Labs"},{"category":"other","text":"None of our products leverage the affected versions of this package","title":"Vendor statment from plixer"},{"category":"other","text":"OpenSSL version on MobaXerm version is on the 1.x branche.\r\nLatest version MobaXterm version 22.2 is using openssl (1.1.1o) \r\nMobaXterm is not affected by CVE 794340 and CVE-2022-3786","title":"Vendor statment from Mobatek"},{"category":"other","text":"No F5 products use vulnerable versions of OpenSSL","title":"Vendor statment from F5 Networks"},{"category":"other","text":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). \r\nhttps://atosunify.service-now.com/kb_view.do?sysparm_article=KB000105083\r\nA security advisory is published on our website.\r\nhttps://unify.com/en/support/security-advisories","title":"Vendor statment from Unify Software and Solutions GmbH and Co. KG"},{"category":"other","text":"Summary\r\nAfter evaluation of all MultiTech products and services, it is determined MultiTech does not use \r\nOpenSSL 3.0.0 to 3.0.6 decodes in any of its products and services and are not affected by this vulnerability.\r\n\r\nCustomer Action Plan\r\nNo action required.","title":"Vendor statment from MultiTech"},{"category":"other","text":"Wi-Fi Alliance tests and certifies Wi-Fi devices and several of these device implementations integrate OpenSSL cryptographic library to establish secure communication for WPA2-Enterprise and WPA3-Enterprise certifications.  These devices may be impacted by this vulnerability.  This vulnerability may result in a Denial-of-Service attack on a client device or server due to a malicious certificate.  Wi-Fi Alliance has notified our member companies of this vulnerability also encouraging them to update their implementations to use the latest available versions of OpenSSL (v3.0.7 or higher).","title":"Vendor statment from Wi-Fi Alliance"},{"category":"other","text":"OpenSSL is a distribution problem, so it does not *directly* affect illumos, but I'd like to include on behalf of as many distros as possible their OpenSSL 3.0.7 plans.\r\n\r\nOmniOS:  Should be ready for appropriate releases (r151040 and newer) by Tuesday Nov 1st.\r\n\r\nSmartOS:  Will be ready in the 20221103 biweekly release that cuts this week.\r\n\r\nOpenIndiana:  Does not ship OpenSSL 3.0.x yet, so unaffected.\r\n\r\nTribblix: Does not ship OpenSSL 3.0.x yet, so unaffected.\r\n\r\nDilos: Does not ship OpenSSL 3.0.x yet, so unaffected.","title":"Vendor statment from Illumos"},{"category":"other","text":"We use the 1.1.1 branch in our product firmwares (which is still supported for about one year from now by the openssl team). \r\nWe do however need to patch a couple of publicly accessible servers quickly.","title":"Vendor statment from AVM GmbH"},{"category":"other","text":"SUSE ships openssl-3, but only as a secondary library on SUSE Linux Enterprise Server 15 SP4 and newer products. Note that openssl-3 is currently not used by any SUSE libraries or tooling.\r\n\r\nOlder products and older openssl versions are not affected by this problem.","title":"Vendor statment from SUSE Linux"},{"category":"other","text":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","title":"Vendor statment from pfSense"},{"category":"other","text":"None of Synology's products are affected. As this vulnerability only affects OpenSSL 3.0+.","title":"Vendor statment from Synology"},{"category":"other","text":"Palo Alto Networks has published https://security.paloaltonetworks.com/PAN-SA-2022-0006 to provide the latest status on these issues as they relate to our products.","title":"Vendor statment from Palo Alto Networks"},{"category":"other","text":"These vulnerabilities exist in Mitsubishi Electric Corporation GENESIS64 Version 10.97.2, may cause denial of service (DoS) condition, and only affects if the BACnet secure connect function is enabled explicitly. This function is installed as a “Beta” version in GENESIS64 and is disabled by default.","title":"Vendor statment from Mitsubishi Electric Corporation"},{"category":"other","text":"NetBSD and pkgsrc have not yet shipped openssl3.  The version of openssl3 in the development branch, which will appear in NetBSD 10, is 3.0.9.  pkgsrc has not yet been updated to openssl3.","title":"Vendor statment from NetBSD"},{"category":"other","text":"Most recent Proxmox projects' stable version build upon Debian Bullseye, which is using the unaffected OpenSSL version 1.1.1n","title":"Vendor statment from Proxmox Server Solutions"},{"category":"other","text":"Zammad uses the 'openssl' Ruby gem which links to the openssl library installed on the system. Therefore, Zammad is not directly affected as a product, but administrators should ensure to have the latest version of openssl installed.","title":"Vendor statment from Zammad"},{"category":"other","text":"New Relic’s investigation has determined that New Relic products are not affected by the recently announced vulnerabilities in OpenSSL, identified as CVE-2022-3602 and CVE-2022-3786. No software distributed by New Relic for use in customer environments uses the affected version of OpenSSL and no updates or customer action is needed at this time.","title":"Vendor statment from Newrelic"},{"category":"other","text":"See [https://www.vandyke.com/support/advisory/2022/11/open-ssl-300-through-306-vulnerabilities.html](https://).\r\n\r\n# Products Not Affected\r\n* All VanDyke Software products on supported Windows platforms.\r\n* All VanDyke Software products on supported RHEL platforms.\r\n* All VanDyke Software products on supported macOS platforms.\r\n* All VanDyke Software products on supported Ubuntu platforms version 20.04 and earlier.\r\n* SecureCRT/SecureFX version 9.3 on Ubuntu 22.04 platforms which have already been patched with OpenSSL version 3.0.7 or newer.\r\n* VShell version 4.8 on Ubuntu 22.04 platforms which have already been patched with OpenSSL version 3.0.7 or newer.\r\n\r\n# Products Affected\r\n* SecureCRT/SecureFX version 9.3, only on Ubuntu 22.04 platforms which have not yet been patched with OpenSSL version 3.0.7 or newer.\r\n* VShell version 4.8, only on Ubuntu 22.04 platforms which have not yet been patched with OpenSSL version 3.0.7 or newer.\r\n\r\n# Resolution for Ubuntu 22.04\r\n* Patch Ubuntu 22.04 with OpenSSL version 3.0.7 or newer.","title":"Vendor statment from VanDyke Software"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/794340"},{"url":"https://www.openssl.org/news/secadv/20221101.txt","summary":"https://www.openssl.org/news/secadv/20221101.txt"},{"url":"https://gist.github.com/FiloSottile/611fc3fa95c3aceebf2580983f76148c","summary":"https://gist.github.com/FiloSottile/611fc3fa95c3aceebf2580983f76148c"},{"url":"https://github.com/NCSC-NL/OpenSSL-2022/tree/main/software","summary":"https://github.com/NCSC-NL/OpenSSL-2022/tree/main/software"},{"url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/","summary":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/"},{"url":"https://support2.windriver.com/index.php?page=security-notices&on=view&id=7916","summary":"Reference(s) from vendor \"Wind River\""},{"url":"https://trust.zscaler.com/zscaler.net/posts/12411","summary":"Reference(s) from vendor \"Zscaler\""},{"url":"https://kb.juniper.net/JSA69999","summary":"Reference(s) from vendor \"Juniper Networks\""},{"url":"https://www.sophos.com/en-us/security-advisories/sophos-sa-20221031-openssl-vuln","summary":"Reference(s) from vendor \"Sophos\""},{"url":"https://www.barracuda.com/company/legal/barracudas-response-to-openssl-security-advisory","summary":"Reference(s) from vendor \"Barracuda Networks\""},{"url":"https://www.keysight.com/us/en/about/quality-and-security/security/product-and-solution-cyber-security/security-advisory-archive/security-advisory-cve-2022-3786-cve-2022-3602.html","summary":"Reference(s) from vendor \"Keysight Technologies\""},{"url":"https://access.redhat.com/security/vulnerabilities/RHSB-2022-004","summary":"Reference(s) from vendor \"Red Hat\""},{"url":"https://ubuntu.com/security/notices/USN-5710-1","summary":"Reference(s) from vendor \"Ubuntu\""},{"url":"https://freshservice.onqpr.com/support/announcements/50000019531","summary":"Reference(s) from vendor \"QPR Software\""},{"url":"https://support.citrix.com/article/CTX473026/impact-of-open-ssl-30-vulnerabilities-cve20223602-cve20223786-on-citrix-products","summary":"Reference(s) from vendor \"Citrix\""},{"url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2115","summary":"Reference(s) from vendor \"Brocade Communication Systems\""},{"url":"https://kb.paessler.com/en/topic/91170-is-paessler-prtg-affected-by-cve-2022-3786-and-cve-2022-3602","summary":"Reference(s) from vendor \"Paessler\""},{"url":"https://community.ui.com/releases/Statement-Regarding-OpenSSL-3-x-Vulnerability-001/86d4308a-a65d-4a26-90c8-0ac068dd757e","summary":"Reference(s) from vendor \"Ubiquiti\""},{"url":"https://support.f5.com/csp/article/K44030142","summary":"Reference(s) from vendor \"F5 Networks\""},{"url":"https://www.multitech.com/documents/publications/policies/SA%2004122023%20-%20CVE-2022-3602_CVE-2022-3786.pdf","summary":"Reference(s) from vendor \"MultiTech\""},{"url":"https://github.com/pfsense/FreeBSD-src/tree/devel-12/crypto/openssl","summary":"Reference(s) from vendor \"pfSense\""},{"url":"https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/","summary":"Reference(s) from vendor \"OpenSSL\""},{"url":"https://security.paloaltonetworks.com/PAN-SA-2022-0006","summary":"Reference(s) from vendor \"Palo Alto Networks\""},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-024_en.pdf","summary":"Reference(s) from vendor \"Mitsubishi Electric Corporation\""},{"url":"https://www.vandyke.com/support/advisory/2022/11/open-ssl-300-through-306-vulnerabilities.html","summary":"Reference(s) from vendor \"VanDyke Software\""},{"url":"https://www.openssl.org/news/secadv/20221101.txt","summary":"Reference(s) from vendor \"VanDyke Software\""},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3602","summary":"Reference(s) from vendor \"VanDyke Software\""},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3786","summary":"Reference(s) from vendor \"VanDyke Software\""}],"title":"OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly","tracking":{"current_release_date":"2024-03-08T18:27:32+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#794340","initial_release_date":"2022-11-01 04:00:00+00:00","revision_history":[{"date":"2024-03-08T18:27:32+00:00","number":"1.20240308182732.32","summary":"Released on 2024-03-08T18:27:32+00:00"}],"status":"final","version":"1.20240308182732.32"}},"vulnerabilities":[{"title":"CVE-2022-3602 (OpenSSL advisory) [HIGH severity] 01 November 2022: \r\nA buffer overrun can be triggered in X.","notes":[{"category":"summary","text":"CVE-2022-3602 (OpenSSL advisory) [HIGH severity] 01 November 2022: \r\nA buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Reported by Polar Bear.\r\nFixed in OpenSSL 3.0.7 (git commit) (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)"}],"cve":"CVE-2022-3602","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#794340"}],"references":[{"url":"https://www.multitech.com/documents/publications/policies/SA%2004122023%20-%20CVE-2022-3602_CVE-2022-3786.pdf","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-024_en.pdf","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://www.openssl.org/news/secadv/20221101.txt","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://support.f5.com/csp/article/K44030142","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://support.citrix.com/article/CTX473026/impact-of-open-ssl-30-vulnerabilities-cve20223602-cve20223786-on-citrix-products","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://msrc-blog.microsoft.com/2022/11/02/microsoft-guidance-related-to-openssl-risk-cve-2022-3786-and-cve-2202-3602/","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://appsec-doc.inext.checkpoint.com/references/cve-2022-3786-and-cve-2022-3602-openssl-x.509-email-address-buffer-overflows-high","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://www.barracuda.com/company/legal/barracudas-response-to-openssl-security-advisory","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://atosunify.service-now.com/kb_view.do?sysparm_article=KB000105083","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://unify.com/en/support/security-advisories","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"},{"url":"https://github.com/pfsense/FreeBSD-src/tree/devel-12/crypto/openssl","summary":"Current releases of pfSense software (Plus and CE) use OpenSSL version 1.1.1 and are not affected.","category":"external"}],"product_status":{"known_affected":["CSAFPID-15b87cfa-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b95fa8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b9bd5e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bd734a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15be9ee6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c142fe-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c27980-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c2b710-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c37010-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c3bd40-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c3f620-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c508b2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15caa150-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cbad70-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cbe2e0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ce7014-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d075da-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d18272-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d1ebcc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d236d6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d34b20-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d53a7a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15da3c14-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e24274-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e2ade0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e494de-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e4c512-3b64-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-15b70d70-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b7934e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b7c986-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b80cac-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b84abe-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b8b6fc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b8f1e4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b921fa-3b64-11f1-8422-122e2785dc9f","CSAFPID-15b98780-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ba1d1c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bcdf5c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bd2412-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bdafae-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bdeabe-3b64-11f1-8422-122e2785dc9f","CSAFPID-15be2cd6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15be60ac-3b64-11f1-8422-122e2785dc9f","CSAFPID-15befb84-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bf4b34-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bf99d6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15bfd374-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c01ff0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c06b2c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c1010e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c18908-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c1d318-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c21c56-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c2fcd4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c42d02-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c479b0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c4c41a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c5491c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c59cfa-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c5e0c0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c62a9e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c677ba-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c6b5e0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c7500e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c78790-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c7c340-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c7fd4c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c846da-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c89450-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c8d000-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c908d6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c95246-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c985c2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15c9d2ca-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ca0254-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ca3a58-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ca7004-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cad38c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cafb50-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cb2828-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cb70b2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cc3b28-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cc6990-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cca018-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ccf9d2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cd2e7a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cd96b2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cdeacc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ce40f8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ced1f8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cf128a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cf61ae-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cfad6c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15cff70e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d03e94-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d0b14e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d0f7f8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d13588-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d2682c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d2a724-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d2f620-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d39f4e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d3d9be-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d432ec-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d4b460-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d4f600-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d582dc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d60a04-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d65a22-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d69d8e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d6f37e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d73672-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d76692-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d7ad00-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d7e6b2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d80f02-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d85a20-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d89904-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d8e62a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d9295a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15d9bece-3b64-11f1-8422-122e2785dc9f","CSAFPID-15da0096-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dabc84-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dae5d8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15db3a10-3b64-11f1-8422-122e2785dc9f","CSAFPID-15db603a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15db87d6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dbaedc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dbdd94-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dc180e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dc4c70-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dc7236-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dca2b0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dd1812-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dd6c68-3b64-11f1-8422-122e2785dc9f","CSAFPID-15dda548-3b64-11f1-8422-122e2785dc9f","CSAFPID-15de3efe-3b64-11f1-8422-122e2785dc9f","CSAFPID-15de6f6e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e0f0e0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e1376c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e17ad8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e1ab2a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e1dc12-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e21164-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e2832e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e2e896-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e31744-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e34408-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e3d120-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e41176-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e437f0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e46c2a-3b64-11f1-8422-122e2785dc9f"]}},{"title":"An attacker can craft a malicious email address to overflow an arbitrary number of bytes containing the `.","notes":[{"category":"summary","text":"An attacker can craft a malicious email address to overflow an arbitrary number of bytes containing the `.`  character (decimal 46) on the stack.  This buffer overflow could result in a crash (causing a denial of service)."}],"cve":"CVE-2022-3786","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#794340"}],"references":[{"url":"https://github.com/pfsense/FreeBSD-src/tree/devel-12/crypto/openssl","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://www.multitech.com/documents/publications/policies/SA%2004122023%20-%20CVE-2022-3602_CVE-2022-3786.pdf","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-024_en.pdf","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://www.openssl.org/news/secadv/20221101.txt","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://support.f5.com/csp/article/K44030142","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://support.citrix.com/article/CTX473026/impact-of-open-ssl-30-vulnerabilities-cve20223602-cve20223786-on-citrix-products","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://msrc-blog.microsoft.com/2022/11/02/microsoft-guidance-related-to-openssl-risk-cve-2022-3786-and-cve-2202-3602/","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://appsec-doc.inext.checkpoint.com/references/cve-2022-3786-and-cve-2022-3602-openssl-x.509-email-address-buffer-overflows-high","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://www.barracuda.com/company/legal/barracudas-response-to-openssl-security-advisory","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://atosunify.service-now.com/kb_view.do?sysparm_article=KB000105083","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"},{"url":"https://unify.com/en/support/security-advisories","summary":"We have issued a vulnerability impact statement on the Atos Unify Support portal (registers users only). A security advisory is published on our website.","category":"external"}],"product_status":{"known_affected":["CSAFPID-15e6ad78-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e7ed6e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e8adf8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e9ad84-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eae33e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15edd63e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ee6248-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ee9d12-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ef1dbe-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ef7cfa-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f0567a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f0d5c8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f222a2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f565e8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f62cee-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fedb14-3b64-11f1-8422-122e2785dc9f","CSAFPID-16003d2e-3b64-11f1-8422-122e2785dc9f","CSAFPID-160174fa-3b64-11f1-8422-122e2785dc9f","CSAFPID-1602735a-3b64-11f1-8422-122e2785dc9f","CSAFPID-16052820-3b64-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-15e56616-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e59ce4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e5e046-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e61eee-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e64e0a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e67eac-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e6e914-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e71ab0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e7562e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e79ca6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e83ac6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e87ba8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e906cc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e9328c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e9765c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15e9dd36-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ea1ac6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ea4f28-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ea82a4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eab18e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eb4d74-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eb7e84-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ebad32-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ebe6bc-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ec1c40-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ec4bac-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ec8cd4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ecc7f8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ed74b4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eda98e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ee0186-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ee2a1c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15eee5ec-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ef4f50-3b64-11f1-8422-122e2785dc9f","CSAFPID-15efda2e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f01b7e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f0a36e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f11394-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f14e40-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f182e8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f1b8c6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f26faa-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f3cbd4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f3fde8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f4365a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f4a414-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f4dfd8-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f50d00-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f5d488-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f66736-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f6b204-3b64-11f1-8422-122e2785dc9f","CSAFPID-15f7287e-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fa1854-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fa5d5a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fa90c2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15facf1a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fb0840-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fb6b50-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fbd752-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fc0a4c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fc4eda-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fc80d0-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fcac2c-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fce93a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fd1572-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fd51d6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fd8ec6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fdd2e6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fe36e6-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fe72d2-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fea1e4-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ff1d04-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ff5f3a-3b64-11f1-8422-122e2785dc9f","CSAFPID-15ffa260-3b64-11f1-8422-122e2785dc9f","CSAFPID-15fff99a-3b64-11f1-8422-122e2785dc9f","CSAFPID-1600765e-3b64-11f1-8422-122e2785dc9f","CSAFPID-1600a840-3b64-11f1-8422-122e2785dc9f","CSAFPID-1600d248-3b64-11f1-8422-122e2785dc9f","CSAFPID-1600f962-3b64-11f1-8422-122e2785dc9f","CSAFPID-1601b262-3b64-11f1-8422-122e2785dc9f","CSAFPID-1601ed90-3b64-11f1-8422-122e2785dc9f","CSAFPID-16022814-3b64-11f1-8422-122e2785dc9f","CSAFPID-1602fe9c-3b64-11f1-8422-122e2785dc9f","CSAFPID-16032eb2-3b64-11f1-8422-122e2785dc9f","CSAFPID-160373f4-3b64-11f1-8422-122e2785dc9f","CSAFPID-1603b2d8-3b64-11f1-8422-122e2785dc9f","CSAFPID-1603f176-3b64-11f1-8422-122e2785dc9f","CSAFPID-1604391a-3b64-11f1-8422-122e2785dc9f","CSAFPID-16046bc4-3b64-11f1-8422-122e2785dc9f","CSAFPID-1604a396-3b64-11f1-8422-122e2785dc9f","CSAFPID-1604e4d2-3b64-11f1-8422-122e2785dc9f"]}}],"product_tree":{"branches":[{"category":"vendor","name":"Bayer","product":{"name":"Bayer Products","product_id":"CSAFPID-15b70d70-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Artifex Software Inc.","product":{"name":"Artifex Software Inc. Products","product_id":"CSAFPID-15b754f6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MikroTik","product":{"name":"MikroTik Products","product_id":"CSAFPID-15b7934e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Samba","product":{"name":"Samba Products","product_id":"CSAFPID-15b7c986-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-15b80cac-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-15b84abe-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenSSL","product":{"name":"OpenSSL Products","product_id":"CSAFPID-15b87cfa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zscaler","product":{"name":"Zscaler Products","product_id":"CSAFPID-15b8b6fc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Entr'ouvert","product":{"name":"Entr'ouvert Products","product_id":"CSAFPID-15b8f1e4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MultiTech","product":{"name":"MultiTech Products","product_id":"CSAFPID-15b921fa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wi-Fi Alliance","product":{"name":"Wi-Fi Alliance Products","product_id":"CSAFPID-15b95fa8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ovarro","product":{"name":"Ovarro Products","product_id":"CSAFPID-15b98780-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mitsubishi Electric Corporation","product":{"name":"Mitsubishi Electric Corporation Products","product_id":"CSAFPID-15b9bd5e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-15b9e78e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tychon","product":{"name":"Tychon Products","product_id":"CSAFPID-15ba1d1c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OTRS","product":{"name":"OTRS Products","product_id":"CSAFPID-15bcdf5c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-15bd2412-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Squid","product":{"name":"Squid Products","product_id":"CSAFPID-15bd734a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wago","product":{"name":"Wago Products","product_id":"CSAFPID-15bdafae-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenSSH","product":{"name":"OpenSSH Products","product_id":"CSAFPID-15bdeabe-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LibreOffice","product":{"name":"LibreOffice Products","product_id":"CSAFPID-15be2cd6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Lacework","product":{"name":"Lacework Products","product_id":"CSAFPID-15be60ac-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Citrix","product":{"name":"Citrix Products","product_id":"CSAFPID-15be9ee6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Liferay","product":{"name":"Liferay Products","product_id":"CSAFPID-15befb84-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Commvault","product":{"name":"Commvault Products","product_id":"CSAFPID-15bf4b34-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Automated Solutions","product":{"name":"Automated Solutions Products","product_id":"CSAFPID-15bf99d6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Garmin International, Inc.","product":{"name":"Garmin International, Inc. Products","product_id":"CSAFPID-15bfd374-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"The Echo Group","product":{"name":"The Echo Group Products","product_id":"CSAFPID-15c01ff0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Modbus Tools","product":{"name":"Modbus Tools Products","product_id":"CSAFPID-15c06b2c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"PostgreSQL","product":{"name":"PostgreSQL Products","product_id":"CSAFPID-15c0bb9a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Securepoint GmbH","product":{"name":"Securepoint GmbH Products","product_id":"CSAFPID-15c1010e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fujitsu Europe","product":{"name":"Fujitsu Europe Products","product_id":"CSAFPID-15c142fe-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Chocolatey Software","product":{"name":"Chocolatey Software Products","product_id":"CSAFPID-15c18908-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Nozomi Networks","product":{"name":"Nozomi Networks Products","product_id":"CSAFPID-15c1d318-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"plixer","product":{"name":"plixer Products","product_id":"CSAFPID-15c21c56-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SolarWinds","product":{"name":"SolarWinds Products","product_id":"CSAFPID-15c27980-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"VanDyke Software","product":{"name":"VanDyke Software Products","product_id":"CSAFPID-15c2b710-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Applied Informatics GmbH","product":{"name":"Applied Informatics GmbH Products","product_id":"CSAFPID-15c2fcd4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Insyde Software Corporation","product":{"name":"Insyde Software Corporation Products","product_id":"CSAFPID-15c3374e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-15c37010-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-15c3bd40-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Adobe","product":{"name":"Adobe Products","product_id":"CSAFPID-15c3f620-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SAS","product":{"name":"SAS Products","product_id":"CSAFPID-15c42d02-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Newrelic","product":{"name":"Newrelic Products","product_id":"CSAFPID-15c479b0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zammad","product":{"name":"Zammad Products","product_id":"CSAFPID-15c4c41a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Iconics Inc.","product":{"name":"Iconics Inc. Products","product_id":"CSAFPID-15c508b2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"QPR Software","product":{"name":"QPR Software Products","product_id":"CSAFPID-15c5491c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"WinSCP","product":{"name":"WinSCP Products","product_id":"CSAFPID-15c59cfa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zyxel","product":{"name":"Zyxel Products","product_id":"CSAFPID-15c5e0c0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ETIC Telecom","product":{"name":"ETIC Telecom Products","product_id":"CSAFPID-15c62a9e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Moxa","product":{"name":"Moxa Products","product_id":"CSAFPID-15c677ba-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-15c6b5e0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Phoenix Contact","product":{"name":"Phoenix Contact Products","product_id":"CSAFPID-15c7095a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Real-Time Innovations (RTI)","product":{"name":"Real-Time Innovations (RTI) Products","product_id":"CSAFPID-15c7500e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Silicon Labs","product":{"name":"Silicon Labs Products","product_id":"CSAFPID-15c78790-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Rockwell Automation","product":{"name":"Rockwell Automation Products","product_id":"CSAFPID-15c7c340-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"IPCOMM","product":{"name":"IPCOMM Products","product_id":"CSAFPID-15c7fd4c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Roche Diagnostics International AG","product":{"name":"Roche Diagnostics International AG Products","product_id":"CSAFPID-15c846da-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BR Industrial Automation","product":{"name":"BR Industrial Automation Products","product_id":"CSAFPID-15c89450-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BitZipper","product":{"name":"BitZipper Products","product_id":"CSAFPID-15c8d000-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Navis","product":{"name":"Navis Products","product_id":"CSAFPID-15c908d6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Veracode","product":{"name":"Veracode Products","product_id":"CSAFPID-15c95246-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Keysight Technologies","product":{"name":"Keysight Technologies Products","product_id":"CSAFPID-15c985c2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Proxmox Server Solutions","product":{"name":"Proxmox Server Solutions Products","product_id":"CSAFPID-15c9d2ca-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Baramundi Software","product":{"name":"Baramundi Software Products","product_id":"CSAFPID-15ca0254-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Check Point","product":{"name":"Check Point Products","product_id":"CSAFPID-15ca3a58-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"B. Braun","product":{"name":"B. Braun Products","product_id":"CSAFPID-15ca7004-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Barracuda Networks","product":{"name":"Barracuda Networks Products","product_id":"CSAFPID-15caa150-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Allegro Software Development Corporation","product":{"name":"Allegro Software Development Corporation Products","product_id":"CSAFPID-15cad38c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"National Instruments (NI)","product":{"name":"National Instruments (NI) Products","product_id":"CSAFPID-15cafb50-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AirDroid","product":{"name":"AirDroid Products","product_id":"CSAFPID-15cb2828-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sophos","product":{"name":"Sophos Products","product_id":"CSAFPID-15cb70b2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Unify Software and Solutions GmbH and Co. KG","product":{"name":"Unify Software and Solutions GmbH and Co. KG Products","product_id":"CSAFPID-15cbad70-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-15cbe2e0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Macrium","product":{"name":"Macrium Products","product_id":"CSAFPID-15cc3b28-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"pUPNP","product":{"name":"pUPNP Products","product_id":"CSAFPID-15cc6990-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"X.org Foundation","product":{"name":"X.org Foundation Products","product_id":"CSAFPID-15cca018-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-15ccf9d2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Solr","product":{"name":"Apache Solr Products","product_id":"CSAFPID-15cd2e7a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"DNSFilter","product":{"name":"DNSFilter Products","product_id":"CSAFPID-15cd96b2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"gdnsd","product":{"name":"gdnsd Products","product_id":"CSAFPID-15cdeacc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"pfSense","product":{"name":"pfSense Products","product_id":"CSAFPID-15ce40f8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-15ce7014-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-15ced1f8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OrbiTeam Software GmbH","product":{"name":"OrbiTeam Software GmbH Products","product_id":"CSAFPID-15cf128a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NTP Project","product":{"name":"NTP Project Products","product_id":"CSAFPID-15cf61ae-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-15cfad6c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Atos SE","product":{"name":"Atos SE Products","product_id":"CSAFPID-15cff70e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"CVSNT","product":{"name":"CVSNT Products","product_id":"CSAFPID-15d03e94-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-15d075da-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ubiquiti","product":{"name":"Ubiquiti Products","product_id":"CSAFPID-15d0b14e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenWRT","product":{"name":"OpenWRT Products","product_id":"CSAFPID-15d0f7f8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Pi-Hole","product":{"name":"Pi-Hole Products","product_id":"CSAFPID-15d13588-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Crestron Electronics","product":{"name":"Crestron Electronics Products","product_id":"CSAFPID-15d18272-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Triton Data Center","product":{"name":"Triton Data Center Products","product_id":"CSAFPID-15d1ebcc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Illumos","product":{"name":"Illumos Products","product_id":"CSAFPID-15d236d6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Rust Security Response WG","product":{"name":"Rust Security Response WG Products","product_id":"CSAFPID-15d2682c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Puppet","product":{"name":"Puppet Products","product_id":"CSAFPID-15d2a724-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mobatek","product":{"name":"Mobatek Products","product_id":"CSAFPID-15d2f620-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"FreeRADIUS","product":{"name":"FreeRADIUS Products","product_id":"CSAFPID-15d34b20-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-15d39f4e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-15d3d9be-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-15d432ec-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Proofpoint","product":{"name":"Proofpoint Products","product_id":"CSAFPID-15d46dca-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NGINX","product":{"name":"NGINX Products","product_id":"CSAFPID-15d4b460-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Menlo Security","product":{"name":"Menlo Security Products","product_id":"CSAFPID-15d4f600-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HardenedBSD","product":{"name":"HardenedBSD Products","product_id":"CSAFPID-15d53a7a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Hikvision","product":{"name":"Hikvision Products","product_id":"CSAFPID-15d582dc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fuji Electric and Hakko Electric","product":{"name":"Fuji Electric and Hakko Electric Products","product_id":"CSAFPID-15d5ce04-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-15d60a04-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Efiia","product":{"name":"Efiia Products","product_id":"CSAFPID-15d65a22-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Inductive Automation","product":{"name":"Inductive Automation Products","product_id":"CSAFPID-15d69d8e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ACROS Security","product":{"name":"ACROS Security Products","product_id":"CSAFPID-15d6f37e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cerberus LLC","product":{"name":"Cerberus LLC Products","product_id":"CSAFPID-15d73672-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Splunk","product":{"name":"Splunk Products","product_id":"CSAFPID-15d76692-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Qualys","product":{"name":"Qualys Products","product_id":"CSAFPID-15d7ad00-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Prefix WhoIs","product":{"name":"Prefix WhoIs Products","product_id":"CSAFPID-15d7e6b2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Lion Controls","product":{"name":"Red Lion Controls Products","product_id":"CSAFPID-15d80f02-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Pragma Systems","product":{"name":"Pragma Systems Products","product_id":"CSAFPID-15d85a20-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"QNAP","product":{"name":"QNAP Products","product_id":"CSAFPID-15d89904-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"PuTTY","product":{"name":"PuTTY Products","product_id":"CSAFPID-15d8e62a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NetBSD","product":{"name":"NetBSD Products","product_id":"CSAFPID-15d9295a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NetComm Wireless Limited","product":{"name":"NetComm Wireless Limited Products","product_id":"CSAFPID-15d96f96-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Nettle","product":{"name":"Nettle Products","product_id":"CSAFPID-15d9bece-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-15da0096-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Joyent","product":{"name":"Joyent Products","product_id":"CSAFPID-15da3c14-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Imperva Inc.","product":{"name":"Imperva Inc. Products","product_id":"CSAFPID-15da7c9c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HitmanPro","product":{"name":"HitmanPro Products","product_id":"CSAFPID-15dabc84-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Intervations Inc.","product":{"name":"Intervations Inc. Products","product_id":"CSAFPID-15dae5d8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Honeywell","product":{"name":"Honeywell Products","product_id":"CSAFPID-15db12ba-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Go Programming Language","product":{"name":"Go Programming Language Products","product_id":"CSAFPID-15db3a10-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cerulean Studios","product":{"name":"Cerulean Studios Products","product_id":"CSAFPID-15db603a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lsh","product":{"name":"lsh Products","product_id":"CSAFPID-15db87d6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Exemys","product":{"name":"Exemys Products","product_id":"CSAFPID-15dbaedc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LibTom","product":{"name":"LibTom Products","product_id":"CSAFPID-15dbdd94-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BIO-ISAC","product":{"name":"BIO-ISAC Products","product_id":"CSAFPID-15dc180e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"CKAN","product":{"name":"CKAN Products","product_id":"CSAFPID-15dc4c70-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cryptlib","product":{"name":"Cryptlib Products","product_id":"CSAFPID-15dc7236-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Dahua Security","product":{"name":"Dahua Security Products","product_id":"CSAFPID-15dca2b0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cox Communications","product":{"name":"Cox Communications Products","product_id":"CSAFPID-15dce9f0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"KardiaMobile","product":{"name":"KardiaMobile Products","product_id":"CSAFPID-15dd1812-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"DICOM","product":{"name":"DICOM Products","product_id":"CSAFPID-15dd6c68-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"FreeBSD","product":{"name":"FreeBSD Products","product_id":"CSAFPID-15dda548-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Altair","product":{"name":"Altair Products","product_id":"CSAFPID-15de0362-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-15de3efe-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Snap One","product":{"name":"Snap One Products","product_id":"CSAFPID-15de6f6e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Broadcom","product":{"name":"Broadcom Products","product_id":"CSAFPID-15de9ff2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mutiny Technologies","product":{"name":"Mutiny Technologies Products","product_id":"CSAFPID-15e0f0e0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ST Engineering North America, Inc (Aethon)","product":{"name":"ST Engineering North America, Inc (Aethon) Products","product_id":"CSAFPID-15e1376c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ContentKeeper","product":{"name":"ContentKeeper Products","product_id":"CSAFPID-15e17ad8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palisade Systems","product":{"name":"Palisade Systems Products","product_id":"CSAFPID-15e1ab2a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-15e1dc12-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Supermicro","product":{"name":"Supermicro Products","product_id":"CSAFPID-15e21164-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-15e24274-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"CODESYS GMBH","product":{"name":"CODESYS GMBH Products","product_id":"CSAFPID-15e2832e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Valmet","product":{"name":"Valmet Products","product_id":"CSAFPID-15e2ade0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ffmpeg","product":{"name":"ffmpeg Products","product_id":"CSAFPID-15e2e896-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Pyramid Solutions","product":{"name":"Pyramid Solutions Products","product_id":"CSAFPID-15e31744-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-15e34408-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Konica Minolta","product":{"name":"Konica Minolta Products","product_id":"CSAFPID-15e37acc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sonatype","product":{"name":"Sonatype Products","product_id":"CSAFPID-15e3a81c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-15e3d120-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Secheron","product":{"name":"Secheron Products","product_id":"CSAFPID-15e41176-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Security Onion Solutions","product":{"name":"Security Onion Solutions Products","product_id":"CSAFPID-15e437f0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Woodstone","product":{"name":"Woodstone Products","product_id":"CSAFPID-15e46c2a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ubuntu","product":{"name":"Ubuntu Products","product_id":"CSAFPID-15e494de-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-15e4c512-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Bayer","product":{"name":"Bayer Products","product_id":"CSAFPID-15e56616-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Artifex Software Inc.","product":{"name":"Artifex Software Inc. Products","product_id":"CSAFPID-15e59ce4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MikroTik","product":{"name":"MikroTik Products","product_id":"CSAFPID-15e5e046-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NetBSD","product":{"name":"NetBSD Products","product_id":"CSAFPID-15e61eee-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Samba","product":{"name":"Samba Products","product_id":"CSAFPID-15e64e0a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-15e67eac-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenSSL","product":{"name":"OpenSSL Products","product_id":"CSAFPID-15e6ad78-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zscaler","product":{"name":"Zscaler Products","product_id":"CSAFPID-15e6e914-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Entr'ouvert","product":{"name":"Entr'ouvert Products","product_id":"CSAFPID-15e71ab0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"pfSense","product":{"name":"pfSense Products","product_id":"CSAFPID-15e7562e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MultiTech","product":{"name":"MultiTech Products","product_id":"CSAFPID-15e79ca6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wi-Fi Alliance","product":{"name":"Wi-Fi Alliance Products","product_id":"CSAFPID-15e7ed6e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OrbiTeam Software GmbH","product":{"name":"OrbiTeam Software GmbH Products","product_id":"CSAFPID-15e83ac6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ovarro","product":{"name":"Ovarro Products","product_id":"CSAFPID-15e87ba8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mitsubishi Electric Corporation","product":{"name":"Mitsubishi Electric Corporation Products","product_id":"CSAFPID-15e8adf8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-15e8dce2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Tychon","product":{"name":"Tychon Products","product_id":"CSAFPID-15e906cc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OTRS","product":{"name":"OTRS Products","product_id":"CSAFPID-15e9328c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-15e9765c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Squid","product":{"name":"Squid Products","product_id":"CSAFPID-15e9ad84-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wago","product":{"name":"Wago Products","product_id":"CSAFPID-15e9dd36-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenSSH","product":{"name":"OpenSSH Products","product_id":"CSAFPID-15ea1ac6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LibreOffice","product":{"name":"LibreOffice Products","product_id":"CSAFPID-15ea4f28-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Lacework","product":{"name":"Lacework Products","product_id":"CSAFPID-15ea82a4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-15eab18e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Citrix","product":{"name":"Citrix Products","product_id":"CSAFPID-15eae33e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenWRT","product":{"name":"OpenWRT Products","product_id":"CSAFPID-15eb1214-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Hikvision","product":{"name":"Hikvision Products","product_id":"CSAFPID-15eb4d74-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Liferay","product":{"name":"Liferay Products","product_id":"CSAFPID-15eb7e84-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Commvault","product":{"name":"Commvault Products","product_id":"CSAFPID-15ebad32-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Automated Solutions","product":{"name":"Automated Solutions Products","product_id":"CSAFPID-15ebe6bc-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Garmin International, Inc.","product":{"name":"Garmin International, Inc. Products","product_id":"CSAFPID-15ec1c40-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"The Echo Group","product":{"name":"The Echo Group Products","product_id":"CSAFPID-15ec4bac-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Modbus Tools","product":{"name":"Modbus Tools Products","product_id":"CSAFPID-15ec8cd4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-15ecc7f8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"PostgreSQL","product":{"name":"PostgreSQL Products","product_id":"CSAFPID-15ed105a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HitmanPro","product":{"name":"HitmanPro Products","product_id":"CSAFPID-15ed4bf6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BIO-ISAC","product":{"name":"BIO-ISAC Products","product_id":"CSAFPID-15ed74b4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Securepoint GmbH","product":{"name":"Securepoint GmbH Products","product_id":"CSAFPID-15eda98e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fujitsu Europe","product":{"name":"Fujitsu Europe Products","product_id":"CSAFPID-15edd63e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Chocolatey Software","product":{"name":"Chocolatey Software Products","product_id":"CSAFPID-15ee0186-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Nozomi Networks","product":{"name":"Nozomi Networks Products","product_id":"CSAFPID-15ee2a1c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Crestron Electronics","product":{"name":"Crestron Electronics Products","product_id":"CSAFPID-15ee6248-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Iconics Inc.","product":{"name":"Iconics Inc. Products","product_id":"CSAFPID-15ee9d12-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"plixer","product":{"name":"plixer Products","product_id":"CSAFPID-15eee5ec-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-15ef1dbe-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Macrium","product":{"name":"Macrium Products","product_id":"CSAFPID-15ef4f50-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"VanDyke Software","product":{"name":"VanDyke Software Products","product_id":"CSAFPID-15ef7cfa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Apache Solr","product":{"name":"Apache Solr Products","product_id":"CSAFPID-15efda2e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Applied Informatics GmbH","product":{"name":"Applied Informatics GmbH Products","product_id":"CSAFPID-15f01b7e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-15f0567a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SAS","product":{"name":"SAS Products","product_id":"CSAFPID-15f0a36e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-15f0d5c8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Newrelic","product":{"name":"Newrelic Products","product_id":"CSAFPID-15f11394-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zammad","product":{"name":"Zammad Products","product_id":"CSAFPID-15f14e40-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"QPR Software","product":{"name":"QPR Software Products","product_id":"CSAFPID-15f182e8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Atos SE","product":{"name":"Atos SE Products","product_id":"CSAFPID-15f1b8c6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ubuntu","product":{"name":"Ubuntu Products","product_id":"CSAFPID-15f222a2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mutiny Technologies","product":{"name":"Mutiny Technologies Products","product_id":"CSAFPID-15f26faa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-15f34c40-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-15f39402-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Mobatek","product":{"name":"Mobatek Products","product_id":"CSAFPID-15f3cbd4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ST Engineering North America, Inc (Aethon)","product":{"name":"ST Engineering North America, Inc (Aethon) Products","product_id":"CSAFPID-15f3fde8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-15f4365a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ACROS Security","product":{"name":"ACROS Security Products","product_id":"CSAFPID-15f46404-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ContentKeeper","product":{"name":"ContentKeeper Products","product_id":"CSAFPID-15f4a414-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palisade Systems","product":{"name":"Palisade Systems Products","product_id":"CSAFPID-15f4dfd8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-15f50d00-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SolarWinds","product":{"name":"SolarWinds Products","product_id":"CSAFPID-15f565e8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Insyde Software Corporation","product":{"name":"Insyde Software Corporation Products","product_id":"CSAFPID-15f5a972-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Supermicro","product":{"name":"Supermicro Products","product_id":"CSAFPID-15f5d488-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Exemys","product":{"name":"Exemys Products","product_id":"CSAFPID-15f5ffb2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lighttpd","product":{"name":"lighttpd Products","product_id":"CSAFPID-15f62cee-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"CODESYS GMBH","product":{"name":"CODESYS GMBH Products","product_id":"CSAFPID-15f66736-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"WinSCP","product":{"name":"WinSCP Products","product_id":"CSAFPID-15f6b204-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Snap One","product":{"name":"Snap One Products","product_id":"CSAFPID-15f7287e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Adobe","product":{"name":"Adobe Products","product_id":"CSAFPID-15f9e316-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ffmpeg","product":{"name":"ffmpeg Products","product_id":"CSAFPID-15fa1854-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Zyxel","product":{"name":"Zyxel Products","product_id":"CSAFPID-15fa5d5a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"ETIC Telecom","product":{"name":"ETIC Telecom Products","product_id":"CSAFPID-15fa90c2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wireshark","product":{"name":"Wireshark Products","product_id":"CSAFPID-15facf1a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Moxa","product":{"name":"Moxa Products","product_id":"CSAFPID-15fb0840-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Toshiba Corporation","product":{"name":"Toshiba Corporation Products","product_id":"CSAFPID-15fb6b50-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Phoenix Contact","product":{"name":"Phoenix Contact Products","product_id":"CSAFPID-15fba9e4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Real-Time Innovations (RTI)","product":{"name":"Real-Time Innovations (RTI) Products","product_id":"CSAFPID-15fbd752-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Silicon Labs","product":{"name":"Silicon Labs Products","product_id":"CSAFPID-15fc0a4c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Rockwell Automation","product":{"name":"Rockwell Automation Products","product_id":"CSAFPID-15fc4eda-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Roche Diagnostics International AG","product":{"name":"Roche Diagnostics International AG Products","product_id":"CSAFPID-15fc80d0-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BR Industrial Automation","product":{"name":"BR Industrial Automation Products","product_id":"CSAFPID-15fcac2c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"BitZipper","product":{"name":"BitZipper Products","product_id":"CSAFPID-15fce93a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Navis","product":{"name":"Navis Products","product_id":"CSAFPID-15fd1572-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Veracode","product":{"name":"Veracode Products","product_id":"CSAFPID-15fd51d6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Keysight Technologies","product":{"name":"Keysight Technologies Products","product_id":"CSAFPID-15fd8ec6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Proxmox Server Solutions","product":{"name":"Proxmox Server Solutions Products","product_id":"CSAFPID-15fdd2e6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Baramundi Software","product":{"name":"Baramundi Software Products","product_id":"CSAFPID-15fe36e6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Check Point","product":{"name":"Check Point Products","product_id":"CSAFPID-15fe72d2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"B. Braun","product":{"name":"B. Braun Products","product_id":"CSAFPID-15fea1e4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Barracuda Networks","product":{"name":"Barracuda Networks Products","product_id":"CSAFPID-15fedb14-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Allegro Software Development Corporation","product":{"name":"Allegro Software Development Corporation Products","product_id":"CSAFPID-15ff1d04-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"National Instruments (NI)","product":{"name":"National Instruments (NI) Products","product_id":"CSAFPID-15ff5f3a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AirDroid","product":{"name":"AirDroid Products","product_id":"CSAFPID-15ffa260-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sophos","product":{"name":"Sophos Products","product_id":"CSAFPID-15fff99a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Unify Software and Solutions GmbH and Co. KG","product":{"name":"Unify Software and Solutions GmbH and Co. KG Products","product_id":"CSAFPID-16003d2e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"LibTom","product":{"name":"LibTom Products","product_id":"CSAFPID-1600765e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Lion Controls","product":{"name":"Red Lion Controls Products","product_id":"CSAFPID-1600a840-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"FreeBSD","product":{"name":"FreeBSD Products","product_id":"CSAFPID-1600d248-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"DNSFilter","product":{"name":"DNSFilter Products","product_id":"CSAFPID-1600f962-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-16013ca6-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-160174fa-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-1601b262-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NGINX","product":{"name":"NGINX Products","product_id":"CSAFPID-1601ed90-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Menlo Security","product":{"name":"Menlo Security Products","product_id":"CSAFPID-16022814-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HardenedBSD","product":{"name":"HardenedBSD Products","product_id":"CSAFPID-1602735a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fuji Electric and Hakko Electric","product":{"name":"Fuji Electric and Hakko Electric Products","product_id":"CSAFPID-1602ad3e-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Inductive Automation","product":{"name":"Inductive Automation Products","product_id":"CSAFPID-1602fe9c-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cerberus LLC","product":{"name":"Cerberus LLC Products","product_id":"CSAFPID-16032eb2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Splunk","product":{"name":"Splunk Products","product_id":"CSAFPID-160373f4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NetComm Wireless Limited","product":{"name":"NetComm Wireless Limited Products","product_id":"CSAFPID-1603b2d8-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-1603f176-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"KardiaMobile","product":{"name":"KardiaMobile Products","product_id":"CSAFPID-1604391a-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-16046bc4-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Pyramid Solutions","product":{"name":"Pyramid Solutions Products","product_id":"CSAFPID-1604a396-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"X.org Foundation","product":{"name":"X.org Foundation Products","product_id":"CSAFPID-1604e4d2-3b64-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-16052820-3b64-11f1-8422-122e2785dc9f"}}]}}