{"asset":{"fqdn":"example.com","hostname":"89.160.20.112","uuid":"cf165808-6a31-48e1-9cf3-c6c3174df51d","ipv4":"81.2.69.142","operating_system":["Apple Mac OS X 10.5.8"],"network_id":"00000000-0000-0000-0000-000000000000","tracked":true},"output":"The observed version of Google Chrome is : \n Chrome/21.0.1180.90","plugin":{"cve":["CVE-2016-1620","CVE-2016-1614","CVE-2016-1613","CVE-2016-1612","CVE-2016-1618","CVE-2016-1617","CVE-2016-1616","CVE-2016-1615","CVE-2016-1619"],"cvss_base_score": 9.3,"cvss_temporal_score":6.9,"cvss_temporal_vector":{"exploitability":"Unproven","remediation_level":"Official-fix","report_confidence":"Confirmed","raw":"E:U/RL:OF/RC:C"},"cvss_vector":{"access_complexity":"Medium","access_vector":"Network","authentication":"None required","confidentiality_impact":"Complete","integrity_impact":"Complete","availability_impact":"Complete","raw":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},"description":"The version of Google Chrome on the remote host is prior to 48.0.2564.82 and is affected by the following vulnerabilities: \n\n - An unspecified vulnerability exists in Google V8 when handling compatible receiver checks hidden behind receptors. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1612)\n - A use-after-free error exists in `PDFium` due to improper invalidation of `IPWL_FocusHandler` and `IPWL_Provider` upon destruction. An attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1613)\n - An unspecified vulnerability exists in `Blink` that is related to the handling of bitmaps. An attacker can exploit this to access sensitive information. No other details are available. (CVE-2016-1614)\n - An unspecified vulnerability exists in `omnibox` that is related to origin confusion. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1615)\n - An unspecified vulnerability exists that allows an attacker to spoof a displayed URL. No other details are available. (CVE-2016-1616)\n - An unspecified vulnerability exists that is related to history sniffing with HSTS and CSP. No other details are available. (CVE-2016-1617)\n - A flaw exists in `Blink` due to the weak generation of random numbers by the ARC4-based random number generator. An attacker can exploit this to gain access to sensitive information. No other details are available. (CVE-2016-1618)\n - An out-of-bounds read error exists in `PDFium` in file `fx_codec_jpx_opj.cpp` in the `sycc4{22,44}_to_rgb()` functions. An attacker can exploit this to cause a denial of service by crashing the application linked using the library. (CVE-2016-1619)\n - Multiple vulnerabilities exist, the most serious of which allow an attacker to execute arbitrary code via a crafted web page. (CVE-2016-1620)\n - A flaw in `objects.cc` is triggered when handling cleared `WeakCells`, which may allow a context-dependent attacker to have an unspecified impact. No further details have been provided. (CVE-2016-2051)","family":"Web Clients","family_id": 1000020,"has_patch":false,"id":9062,"name":"Google Chrome < 48.0.2564.82 Multiple Vulnerabilities","risk_factor":"HIGH","see_also":["http://googlechromereleases.blogspot.com/2016/01/beta-channel-update_20.html"],"solution":"Update the Chrome browser to 48.0.2564.82 or later.","synopsis":"The remote host is utilizing a web browser that is affected by multiple vulnerabilities.","vpr":{"score":5.9,"drivers":{"age_of_vuln":{"lower_bound":366,"upper_bound":730},"exploit_code_maturity":"UNPROVEN","cvss_impact_score_predicted":false,"cvss3_impact_score":5.9,"threat_intensity_last28":"VERY_LOW","threat_sources_last28":["No recorded events"],"product_coverage":"LOW"},"updated":"2019-12-31T10:08:58Z"}},"port":{"port":"0","protocol":"TCP"},"scan":{"completed_at":"2018-12-31T20:59:47Z","schedule_uuid":"6f7db010-9cb6-4870-b745-70a2aea2f81ce1b6640fe8a2217b","started_at":"2018-12-31T20:59:47Z","uuid":"0e55ec5d-c7c7-4673-a618-438a84e9d1b78af3a9957a077904"},"severity":"low","severity_id":3,"severity_default_id":3,"severity_modification_type":"NONE","first_found":"2018-12-31T20:59:47Z","last_found":"2018-12-31T20:59:47Z","indexed":"2022-11-30T14:09:12.061Z","state":"OPEN"}

{"asset":{"fqdn":"elastic1.sys.local","hostname":"89.160.20.113","uuid":"ca165808-6a31-48e1-9cf3-c6c3174df51d","ipv4":"81.2.69.144","operating_system":["CentOS Linux 7.9.2009", "Linux Kernel 3.10.0-1160.119.1.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)"],"network_id":"00000000-0000-0000-0000-000000000000","tracked":true},"output":"\n Path : /opt/jdk-11.0.2/\n Installed version : 11.0.2\n Fixed version : Upgrade to a version greater than 11.0.18\n\n\n\n Path : /usr/java/jdk1.8.0_232-cloudera/\n Installed version : 8.0.232\n Fixed version : Upgrade to a version greater than 8u362\n","plugin":{"vuln_publication_date":"2023-04-18T00:00:00Z","cve":["CVE-2016-1620","CVE-2016-1614","CVE-2016-1613","CVE-2016-1612","CVE-2016-1618","CVE-2016-1617","CVE-2016-1616","CVE-2016-1615","CVE-2016-1619"],"cvss_base_score": 9.3,"cvss_temporal_score":6.9,"cvss_temporal_vector":{"exploitability":"Unproven","remediation_level":"Official-fix","report_confidence":"Confirmed","raw":"E:U/RL:OF/RC:C"},"cvss_vector":{"access_complexity":"Medium","access_vector":"Network","authentication":"None required","confidentiality_impact":"Complete","integrity_impact":"Complete","availability_impact":"Complete","raw":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},"description":"The version of Google Chrome on the remote host is prior to 48.0.2564.82 and is affected by the following vulnerabilities: \n\n - An unspecified vulnerability exists in Google V8 when handling compatible receiver checks hidden behind receptors. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1612)\n - A use-after-free error exists in `PDFium` due to improper invalidation of `IPWL_FocusHandler` and `IPWL_Provider` upon destruction. An attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1613)\n - An unspecified vulnerability exists in `Blink` that is related to the handling of bitmaps. An attacker can exploit this to access sensitive information. No other details are available. (CVE-2016-1614)\n - An unspecified vulnerability exists in `omnibox` that is related to origin confusion. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1615)\n - An unspecified vulnerability exists that allows an attacker to spoof a displayed URL. No other details are available. (CVE-2016-1616)\n - An unspecified vulnerability exists that is related to history sniffing with HSTS and CSP. No other details are available. (CVE-2016-1617)\n - A flaw exists in `Blink` due to the weak generation of random numbers by the ARC4-based random number generator. An attacker can exploit this to gain access to sensitive information. No other details are available. (CVE-2016-1618)\n - An out-of-bounds read error exists in `PDFium` in file `fx_codec_jpx_opj.cpp` in the `sycc4{22,44}_to_rgb()` functions. An attacker can exploit this to cause a denial of service by crashing the application linked using the library. (CVE-2016-1619)\n - Multiple vulnerabilities exist, the most serious of which allow an attacker to execute arbitrary code via a crafted web page. (CVE-2016-1620)\n - A flaw in `objects.cc` is triggered when handling cleared `WeakCells`, which may allow a context-dependent attacker to have an unspecified impact. No further details have been provided. (CVE-2016-2051)","family":"Web Clients","family_id": 1000020,"has_patch":false,"id":9062,"name":"Google Chrome < 48.0.2564.82 Multiple Vulnerabilities","risk_factor":"HIGH","see_also":["http://googlechromereleases.blogspot.com/2016/01/beta-channel-update_20.html"],"solution":"Update the Chrome browser to 48.0.2564.82 or later.","synopsis":"The remote host is utilizing a web browser that is affected by multiple vulnerabilities.","vpr":{"score":5.9,"drivers":{"age_of_vuln":{"lower_bound":366,"upper_bound":730},"exploit_code_maturity":"UNPROVEN","cvss_impact_score_predicted":false,"cvss3_impact_score":5.9,"threat_intensity_last28":"VERY_LOW","threat_sources_last28":["No recorded events"],"product_coverage":"LOW"},"updated":"2019-12-31T10:08:58Z"}},"port":{"port":"0","protocol":"TCP"},"scan":{"completed_at":"2018-12-31T20:59:47Z","schedule_uuid":"6f7db010-9cb6-4870-b745-70a2aea2f81ce1b6640fe8a2217b","started_at":"2018-12-31T20:59:47Z","uuid":"0e55ec5d-c7c7-4673-a618-438a84e9d1b78af3a9957a077904"},"severity":"low","severity_id":3,"severity_default_id":3,"severity_modification_type":"NONE","finding_id":"84f45a4f-2277-52e0-b84f-2bb96a853123","first_found":"2018-12-31T20:59:47Z","last_found":"2018-12-31T20:59:47Z","indexed":"2022-11-30T14:09:12.061Z","state":"OPEN"}

{"asset":{"fqdn":"elastic2.sys.local","hostname":"89.160.20.114","uuid":"cb165808-6a31-48e1-9cf3-c6c3174df51d","ipv4":"81.2.69.143","operating_system":["CentOS Linux 7.9.2009", "Linux Kernel 3.10.0-1160.119.1.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)"],"network_id":"00000000-0000-0000-0000-000000000000","tracked":true},"output":"\nRemote package installed : kernel-3.10.0-1160.76.1.el7\nShould be : kernel-3.10.0-1160.102.1.el7\n\nRemote package installed : kernel-debug-devel-3.10.0-1160.76.1.el7\nShould be : kernel-debug-devel-3.10.0-1160.102.1.el7\n\nRemote package installed : kernel-tools-3.10.0-1160.76.1.el7\nShould be : kernel-tools-3.10.0-1160.102.1.el7\n\nRemote package installed : kernel-tools-libs-3.10.0-1160.76.1.el7\nShould be : kernel-tools-libs-3.10.0-1160.102.1.el7\n\nRemote package installed : python-perf-3.10.0-1160.76.1.el7\nShould be : python-perf-3.10.0-1160.102.1.el7\n\n","plugin":{"vuln_publication_date":"2024-04-18T00:00:00Z","cve":["CVE-2016-1620","CVE-2016-1614","CVE-2016-1613","CVE-2016-1612","CVE-2016-1618","CVE-2016-1617","CVE-2016-1616","CVE-2016-1615","CVE-2016-1619"],"cvss_base_score": 9.3,"cvss_temporal_score":6.9,"cvss_temporal_vector":{"exploitability":"Unproven","remediation_level":"Official-fix","report_confidence":"Confirmed","raw":"E:U/RL:OF/RC:C"},"cvss_vector":{"access_complexity":"Medium","access_vector":"Network","authentication":"None required","confidentiality_impact":"Complete","integrity_impact":"Complete","availability_impact":"Complete","raw":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},"description":"The version of Google Chrome on the remote host is prior to 48.0.2564.82 and is affected by the following vulnerabilities: \n\n - An unspecified vulnerability exists in Google V8 when handling compatible receiver checks hidden behind receptors. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1612)\n - A use-after-free error exists in `PDFium` due to improper invalidation of `IPWL_FocusHandler` and `IPWL_Provider` upon destruction. An attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1613)\n - An unspecified vulnerability exists in `Blink` that is related to the handling of bitmaps. An attacker can exploit this to access sensitive information. No other details are available. (CVE-2016-1614)\n - An unspecified vulnerability exists in `omnibox` that is related to origin confusion. An attacker can exploit this to have an unspecified impact. No other details are available. (CVE-2016-1615)\n - An unspecified vulnerability exists that allows an attacker to spoof a displayed URL. No other details are available. (CVE-2016-1616)\n - An unspecified vulnerability exists that is related to history sniffing with HSTS and CSP. No other details are available. (CVE-2016-1617)\n - A flaw exists in `Blink` due to the weak generation of random numbers by the ARC4-based random number generator. An attacker can exploit this to gain access to sensitive information. No other details are available. (CVE-2016-1618)\n - An out-of-bounds read error exists in `PDFium` in file `fx_codec_jpx_opj.cpp` in the `sycc4{22,44}_to_rgb()` functions. An attacker can exploit this to cause a denial of service by crashing the application linked using the library. (CVE-2016-1619)\n - Multiple vulnerabilities exist, the most serious of which allow an attacker to execute arbitrary code via a crafted web page. (CVE-2016-1620)\n - A flaw in `objects.cc` is triggered when handling cleared `WeakCells`, which may allow a context-dependent attacker to have an unspecified impact. No further details have been provided. (CVE-2016-2051)","family":"Web Clients","family_id": 1000020,"has_patch":false,"id":9062,"name":"Google Chrome < 48.0.2564.82 Multiple Vulnerabilities","risk_factor":"HIGH","see_also":["http://googlechromereleases.blogspot.com/2016/01/beta-channel-update_20.html"],"solution":"Update the Chrome browser to 48.0.2564.82 or later.","synopsis":"The remote host is utilizing a web browser that is affected by multiple vulnerabilities.","vpr":{"score":5.9,"drivers":{"age_of_vuln":{"lower_bound":366,"upper_bound":730},"exploit_code_maturity":"UNPROVEN","cvss_impact_score_predicted":false,"cvss3_impact_score":5.9,"threat_intensity_last28":"VERY_LOW","threat_sources_last28":["No recorded events"],"product_coverage":"LOW"},"updated":"2019-12-31T10:08:58Z"}},"port":{"port":"0","protocol":"TCP"},"scan":{"completed_at":"2018-12-31T20:59:47Z","schedule_uuid":"6f7db010-9cb6-4870-b745-70a2aea2f81ce1b6640fe8a2217b","started_at":"2018-12-31T20:59:47Z","uuid":"0e55ec5d-c7c7-4673-a618-438a84e9d1b78af3a9957a077904"},"severity":"low","severity_id":3,"severity_default_id":3,"severity_modification_type":"NONE","finding_id":"84f45a4f-2277-52e0-b84f-2bb96a853123","first_found":"2018-12-31T20:59:47Z","last_found":"2018-12-31T20:59:47Z","indexed":"2022-11-30T14:09:12.061Z","state":"OPEN"}