U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2018-7185

Change History

Modified Analysis by NIST 6/18/2020 4:17:01 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2361
     OR
          cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3070
     OR
          cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:* versions up to (excluding) c.4.2.8.4.0
Changed CPE Configuration
OR
     *cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.3-1505
     OR
          cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* versions from (including) 4.2.6 up to (including) 4.2.8
     *cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*
OR
     *cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* versions from (including) 4.2.6 up to (excluding) 4.2.8
     *cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*
     *cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*
     *cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*
     *cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
     *cpe:2.3:a:synology:virtual_diskstation_manager:-:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* versions from (including) 5.2 up to (excluding) 6.1.6-15266
     *cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:* versions from (including) 1.1 up to (excluding) 1.1.6-6931-3
     *cpe:2.3:a:synology:skynas:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.5-15254
     *cpe:2.3:a:synology:virtual_diskstation_manager:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.6-15266
Removed CPE Configuration
OR
     *cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*
     *cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*
     *cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:*

								
						
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

								
						
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Changed Reference Type
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us No Types Assigned
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us Third Party Advisory
Changed Reference Type
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html No Types Assigned
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Third Party Advisory