search

CiscoPSIRT / openVulnAPI

Documentation and Tools for Cisco's PSIRT openVuln API
https://developer.cisco.com/psirt/
MIT License
102 stars 52 forks source link

JSON export "full_product_name_list" not always a list #15

Closed cmsirbu closed 7 years ago

cmsirbu commented 7 years ago

This field is not consistent - if the list has 0 or 1 values then it is not written as a list, but rather as a single value.

cisco-sa-20151218-ios has multiple affected versions so the export is:

    {
        "advisory_id": "cisco-sa-20151218-ios", 
        "full_product_name_list": [
            "Cisco IOS 15.4(3)S", 
            "Cisco IOS 15.5(3)M", 
            "Cisco IOS 15.5(3)M1", 
            "Cisco IOS 15.5(1)S", 
            "Cisco IOS 15.5(2)S", 
            "Cisco IOS 15.5(3)S", 
            "Cisco IOS 15.5(3)S1", 
            "Cisco IOS 15.5(1)T", 
            "Cisco IOS 15.5(2)T", 
            "Cisco IOS 15.6(1)T0a", 
            "Cisco IOS XE Software 3.15S 3.15.0S", 
            "Cisco IOS XE Software 3.15S 3.15.1S", 
            "Cisco IOS XE Software 3.15S 3.15.2S", 
            "Cisco IOS XE Software 3.17S 3.17.0S", 
            "Cisco IOS XE Software 3.17S 3.17.1S", 
            "Cisco IOS XE Software 3.16S 3.16.0S", 
            "Cisco IOS XE Software 3.16S 3.16.1S"
        ], 
    },

cisco-sa-20151217-pnsc has one affected version so the export is:

    {
        "advisory_id": "cisco-sa-20151217-pnsc", 
        "full_product_name_list": "Cisco Prime Network Services Controller 3.0.0", 
    },

This creates problems when parsing the JSON after an export, resulting parsing the string as a list of characters in the latter case above. Temporary fix has been to check the type, but this is not a real solution.

    version_list = advisory['full_product_name_list']
    if not isinstance(version_list, list):
        version_list = [version_list]

I found where the problem is in the code, but as far as I can tell it'll affect all of the export so I'm not sure how to solve the issue - and it's likely that more fields are affected than this one.

santosomar commented 7 years ago

@iamparas - this looks like it is in the output of openVulnQuery and not the API itself.

@cmsirbu - Thank you for reporting this Christian. You mentioned:

I found where the problem is in the code, but as far as I can tell it'll affect all of the export so I'm not sure how to solve the issue - and it's likely that more fields are affected than this one.

Can you please share any additional details on the problem within the code and we will take a look at it shortly?

iamparas commented 7 years ago

Hello @cmsirbu, We have updated our client code to reflect the new changes in the OpenVuln API. Our latest code resolves the issue you have mentioned. you can install latest version of openVulnQuery with pip install openVulnQuery.

cmsirbu commented 7 years ago

Awesome, I'll give it a spin after the holidays. Thanks!

santosomar commented 7 years ago

Thank you @iamparas ! Tested successfully.

cmsirbu commented 7 years ago

@santosomar @iamparas I've updated today and there are some big differences in the json output. I was wondering why all of a sudden my script was not giving me any results for the same data set, so I compared the json for the same advisory with the old code (the one used for opening this issue) and the new code.

The CVRF xml has all the product names, so perhaps there's a problem in the parser?

BEFORE:

        "advisory_id": "cisco-sa-20160928-ios-ikev1", 
        "cves": [
            "CVE-2016-6381"
        ], 
        "cvrf_url": "https://tools.cisco.com/security/center/contentxml/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1/cvrf/cisco-sa-20160928-ios-ikev1_cvrf.xml", 
        "document_title": "Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability", 
        "first_published": "2016-09-28T21:00:00+0000", 
        "full_product_name_list": [
            "Cisco IOS 12.4(22)GC1", 
            "Cisco IOS 12.4(24)GC1", 
            "Cisco IOS 12.4(24)GC3", 
            "Cisco IOS 12.4(24)GC3a", 
            "Cisco IOS 12.4(24)GC4", 
            "Cisco IOS 12.4(24)GC5", 
            "Cisco IOS 12.4(22)MD", 
            "Cisco IOS 12.4(22)MD1", 
            "Cisco IOS 12.4(22)MD2", 
            "Cisco IOS 12.4(24)MD", 
            "Cisco IOS 12.4(24)MD1", 
            "Cisco IOS 12.4(24)MD2", 
            "Cisco IOS 12.4(24)MD3", 
            "Cisco IOS 12.4(24)MD4", 
            "Cisco IOS 12.4(24)MD5", 
            "Cisco IOS 12.4(24)MD6", 
            "Cisco IOS 12.4(24)MD7", 
            "Cisco IOS 12.4(22)MDA", 
            "Cisco IOS 12.4(22)MDA1", 
            "Cisco IOS 12.4(22)MDA2", 
            "Cisco IOS 12.4(22)MDA3", 
            "Cisco IOS 12.4(22)MDA4", 
            "Cisco IOS 12.4(22)MDA5", 
            "Cisco IOS 12.4(22)MDA6", 
            "Cisco IOS 12.4(24)MDA1", 
            "Cisco IOS 12.4(24)MDA10", 
            "Cisco IOS 12.4(24)MDA11", 
            "Cisco IOS 12.4(24)MDA12", 
            "Cisco IOS 12.4(24)MDA13", 
            "Cisco IOS 12.4(24)MDA2", 
            "Cisco IOS 12.4(24)MDA3", 
            "Cisco IOS 12.4(24)MDA4", 
            "Cisco IOS 12.4(24)MDA5", 
            "Cisco IOS 12.4(24)MDA6", 
            "Cisco IOS 12.4(24)MDA7", 
            "Cisco IOS 12.4(24)MDA8", 
            "Cisco IOS 12.4(24)MDA9", 
            "Cisco IOS 12.4(24)MDB", 
            "Cisco IOS 12.4(24)MDB1", 
            "Cisco IOS 12.4(24)MDB10", 
            "Cisco IOS 12.4(24)MDB11", 
            "Cisco IOS 12.4(24)MDB12", 
            "Cisco IOS 12.4(24)MDB13", 
            "Cisco IOS 12.4(24)MDB14", 
            "Cisco IOS 12.4(24)MDB15", 
            "Cisco IOS 12.4(24)MDB16", 
            "Cisco IOS 12.4(24)MDB17", 
            "Cisco IOS 12.4(24)MDB18", 
            "Cisco IOS 12.4(24)MDB19", 
            "Cisco IOS 12.4(24)MDB3", 
            "Cisco IOS 12.4(24)MDB4", 
            "Cisco IOS 12.4(24)MDB5", 
            "Cisco IOS 12.4(24)MDB5a", 
            "Cisco IOS 12.4(24)MDB6", 
            "Cisco IOS 12.4(24)MDB7", 
            "Cisco IOS 12.4(24)MDB8", 
            "Cisco IOS 12.4(24)MDB9", 
            "Cisco IOS 12.4(20)MR", 
            "Cisco IOS 12.4(20)MR2", 
            "Cisco IOS 12.4(20)MRB", 
            "Cisco IOS 12.4(20)MRB1", 
            "Cisco IOS 12.4(15)T10", 
            "Cisco IOS 12.4(15)T11", 
            "Cisco IOS 12.4(15)T12", 
            "Cisco IOS 12.4(15)T13", 
            "Cisco IOS 12.4(15)T14", 
            "Cisco IOS 12.4(15)T15", 
            "Cisco IOS 12.4(15)T16", 
            "Cisco IOS 12.4(15)T17", 
            "Cisco IOS 12.4(15)T7", 
            "Cisco IOS 12.4(15)T8", 
            "Cisco IOS 12.4(15)T9", 
            "Cisco IOS 12.4(20)T1", 
            "Cisco IOS 12.4(20)T2", 
            "Cisco IOS 12.4(20)T3", 
            "Cisco IOS 12.4(20)T4", 
            "Cisco IOS 12.4(20)T5", 
            "Cisco IOS 12.4(20)T6", 
            "Cisco IOS 12.4(22)T", 
            "Cisco IOS 12.4(22)T1", 
            "Cisco IOS 12.4(22)T2", 
            "Cisco IOS 12.4(22)T3", 
            "Cisco IOS 12.4(22)T4", 
            "Cisco IOS 12.4(22)T5", 
            "Cisco IOS 12.4(24)T", 
            "Cisco IOS 12.4(24)T1", 
            "Cisco IOS 12.4(24)T2", 
            "Cisco IOS 12.4(24)T3", 
            "Cisco IOS 12.4(24)T3e", 
            "Cisco IOS 12.4(24)T3f", 
            "Cisco IOS 12.4(24)T4", 
            "Cisco IOS 12.4(24)T4a", 
            "Cisco IOS 12.4(24)T4b", 
            "Cisco IOS 12.4(24)T4c", 
            "Cisco IOS 12.4(24)T4d", 
            "Cisco IOS 12.4(24)T4e", 
            "Cisco IOS 12.4(24)T4f", 
            "Cisco IOS 12.4(24)T4l", 
            "Cisco IOS 12.4(24)T5", 
            "Cisco IOS 12.4(24)T6", 
            "Cisco IOS 12.4(24)T7", 
            "Cisco IOS 12.4(24)T8", 
            "Cisco IOS 12.4(15)XL4", 
            "Cisco IOS 12.4(15)XL5", 
            "Cisco IOS 12.4(22)XR1", 
            "Cisco IOS 12.4(22)XR10", 
            "Cisco IOS 12.4(22)XR11", 
            "Cisco IOS 12.4(22)XR12", 
            "Cisco IOS 12.4(22)XR2", 
            "Cisco IOS 12.4(22)XR3", 
            "Cisco IOS 12.4(22)XR4", 
            "Cisco IOS 12.4(22)XR5", 
            "Cisco IOS 12.4(22)XR6", 
            "Cisco IOS 12.4(22)XR7", 
            "Cisco IOS 12.4(22)XR8", 
            "Cisco IOS 12.4(22)XR9", 
            "Cisco IOS 12.4(22)YB", 
            "Cisco IOS 12.4(22)YB1", 
            "Cisco IOS 12.4(22)YB2", 
            "Cisco IOS 12.4(22)YB3", 
            "Cisco IOS 12.4(22)YB4", 
            "Cisco IOS 12.4(22)YB5", 
            "Cisco IOS 12.4(22)YB6", 
            "Cisco IOS 12.4(22)YB7", 
            "Cisco IOS 12.4(22)YB8", 
            "Cisco IOS 12.4(22)YD", 
            "Cisco IOS 12.4(22)YD1", 
            "Cisco IOS 12.4(22)YD2", 
            "Cisco IOS 12.4(22)YD3", 
            "Cisco IOS 12.4(22)YD4", 
            "Cisco IOS 12.4(22)YE", 
            "Cisco IOS 12.4(22)YE1", 
            "Cisco IOS 12.4(22)YE2", 
            "Cisco IOS 12.4(22)YE3", 
            "Cisco IOS 12.4(22)YE4", 
            "Cisco IOS 12.4(22)YE5", 
            "Cisco IOS 12.4(22)YE6", 
            "Cisco IOS 12.4(24)YE", 
            "Cisco IOS 12.4(24)YE1", 
            "Cisco IOS 12.4(24)YE2", 
            "Cisco IOS 12.4(24)YE3", 
            "Cisco IOS 12.4(24)YE3a", 
            "Cisco IOS 12.4(24)YE3b", 
            "Cisco IOS 12.4(24)YE3c", 
            "Cisco IOS 12.4(24)YE3d", 
            "Cisco IOS 12.4(24)YE3e", 
            "Cisco IOS 12.4(24)YE4", 
            "Cisco IOS 12.4(24)YE5", 
            "Cisco IOS 12.4(24)YE6", 
            "Cisco IOS 12.4(24)YE7", 
            "Cisco IOS 12.4(24)YG1", 
            "Cisco IOS 12.4(24)YG2", 
            "Cisco IOS 12.4(24)YG3", 
            "Cisco IOS 12.4(24)YG4", 
            "Cisco IOS 15.0(2)EB", 
            "Cisco IOS 15.0(2)EC", 
            "Cisco IOS 15.0(2)ED", 
            "Cisco IOS 15.0(2)ED1", 
            "Cisco IOS 15.0(2)EH", 
            "Cisco IOS 15.0(2)EJ", 
            "Cisco IOS 15.0(2)EJ1", 
            "Cisco IOS 15.0(2)EK", 
            "Cisco IOS 15.0(2)EK1", 
            "Cisco IOS 15.0(2)EX", 
            "Cisco IOS 15.0(2)EX1", 
            "Cisco IOS 15.0(2)EX10", 
            "Cisco IOS 15.0(2)EX2", 
            "Cisco IOS 15.0(2)EX3", 
            "Cisco IOS 15.0(2)EX4", 
            "Cisco IOS 15.0(2)EX5", 
            "Cisco IOS 15.0(2)EX8", 
            "Cisco IOS 15.0(2a)EX5", 
            "Cisco IOS 15.0(2)EY", 
            "Cisco IOS 15.0(2)EY1", 
            "Cisco IOS 15.0(2)EY2", 
            "Cisco IOS 15.0(2)EY3", 
            "Cisco IOS 15.0(2)EZ", 
            "Cisco IOS 15.0(1)M", 
            "Cisco IOS 15.0(1)M1", 
            "Cisco IOS 15.0(1)M10", 
            "Cisco IOS 15.0(1)M2", 
            "Cisco IOS 15.0(1)M3", 
            "Cisco IOS 15.0(1)M4", 
            "Cisco IOS 15.0(1)M5", 
            "Cisco IOS 15.0(1)M6", 
            "Cisco IOS 15.0(1)M7", 
            "Cisco IOS 15.0(1)M8", 
            "Cisco IOS 15.0(1)M9", 
            "Cisco IOS 15.0(1)MR", 
            "Cisco IOS 15.0(2)MR", 
            "Cisco IOS 15.0(1)S", 
            "Cisco IOS 15.0(1)S1", 
            "Cisco IOS 15.0(1)S2", 
            "Cisco IOS 15.0(1)S3a", 
            "Cisco IOS 15.0(1)S4", 
            "Cisco IOS 15.0(1)S4a", 
            "Cisco IOS 15.0(1)S5", 
            "Cisco IOS 15.0(1)S6", 
            "Cisco IOS 15.0(2)SE", 
            "Cisco IOS 15.0(2)SE1", 
            "Cisco IOS 15.0(2)SE2", 
            "Cisco IOS 15.0(2)SE3", 
            "Cisco IOS 15.0(2)SE4", 
            "Cisco IOS 15.0(2)SE5", 
            "Cisco IOS 15.0(2)SE6", 
            "Cisco IOS 15.0(2)SE7", 
            "Cisco IOS 15.0(2)SE9", 
            "Cisco IOS 15.0(2a)SE9", 
            "Cisco IOS 15.0(1)XA", 
            "Cisco IOS 15.0(1)XA1", 
            "Cisco IOS 15.0(1)XA2", 
            "Cisco IOS 15.0(1)XA3", 
            "Cisco IOS 15.0(1)XA4", 
            "Cisco IOS 15.0(1)XA5", 
            "Cisco IOS 15.1(2)EY", 
            "Cisco IOS 15.1(2)EY1a", 
            "Cisco IOS 15.1(2)EY2", 
            "Cisco IOS 15.1(2)EY2a", 
            "Cisco IOS 15.1(2)EY3", 
            "Cisco IOS 15.1(2)EY4", 
            "Cisco IOS 15.1(2)GC", 
            "Cisco IOS 15.1(2)GC1", 
            "Cisco IOS 15.1(2)GC2", 
            "Cisco IOS 15.1(4)GC", 
            "Cisco IOS 15.1(4)GC1", 
            "Cisco IOS 15.1(4)GC2", 
            "Cisco IOS 15.1(4)M", 
            "Cisco IOS 15.1(4)M1", 
            "Cisco IOS 15.1(4)M10", 
            "Cisco IOS 15.1(4)M12a", 
            "Cisco IOS 15.1(4)M2", 
            "Cisco IOS 15.1(4)M3", 
            "Cisco IOS 15.1(4)M3a", 
            "Cisco IOS 15.1(4)M4", 
            "Cisco IOS 15.1(4)M5", 
            "Cisco IOS 15.1(4)M6", 
            "Cisco IOS 15.1(4)M7", 
            "Cisco IOS 15.1(4)M8", 
            "Cisco IOS 15.1(4)M9", 
            "Cisco IOS 15.1(1)MR", 
            "Cisco IOS 15.1(1)MR1", 
            "Cisco IOS 15.1(1)MR2", 
            "Cisco IOS 15.1(1)MR3", 
            "Cisco IOS 15.1(1)MR4", 
            "Cisco IOS 15.1(3)MR", 
            "Cisco IOS 15.1(3)MRA", 
            "Cisco IOS 15.1(3)MRA1", 
            "Cisco IOS 15.1(3)MRA2", 
            "Cisco IOS 15.1(3)MRA3", 
            "Cisco IOS 15.1(3)MRA4", 
            "Cisco IOS 15.1(1)S", 
            "Cisco IOS 15.1(1)S1", 
            "Cisco IOS 15.1(1)S2", 
            "Cisco IOS 15.1(2)S", 
            "Cisco IOS 15.1(2)S1", 
            "Cisco IOS 15.1(2)S2", 
            "Cisco IOS 15.1(3)S", 
            "Cisco IOS 15.1(3)S0a", 
            "Cisco IOS 15.1(3)S1", 
            "Cisco IOS 15.1(3)S2", 
            "Cisco IOS 15.1(3)S3", 
            "Cisco IOS 15.1(3)S4", 
            "Cisco IOS 15.1(3)S5", 
            "Cisco IOS 15.1(3)S5a", 
            "Cisco IOS 15.1(3)S6", 
            "Cisco IOS 15.1(1)SG", 
            "Cisco IOS 15.1(1)SG1", 
            "Cisco IOS 15.1(1)SG2", 
            "Cisco IOS 15.1(2)SG", 
            "Cisco IOS 15.1(2)SG1", 
            "Cisco IOS 15.1(2)SG2", 
            "Cisco IOS 15.1(2)SG3", 
            "Cisco IOS 15.1(2)SG4", 
            "Cisco IOS 15.1(2)SG5", 
            "Cisco IOS 15.1(2)SG6", 
            "Cisco IOS 15.1(2)SG7", 
            "Cisco IOS 15.1(2)SNG", 
            "Cisco IOS 15.1(2)SNH", 
            "Cisco IOS 15.1(2)SNI", 
            "Cisco IOS 15.1(2)SNI1", 
            "Cisco IOS 15.1(3)SVB1", 
            "Cisco IOS 15.1(3)SVD", 
            "Cisco IOS 15.1(3)SVD1", 
            "Cisco IOS 15.1(3)SVD2", 
            "Cisco IOS 15.1(3)SVE", 
            "Cisco IOS 15.1(3)SVF", 
            "Cisco IOS 15.1(3)SVF1", 
            "Cisco IOS 15.1(3)SVF4a", 
            "Cisco IOS 15.1(1)SY", 
            "Cisco IOS 15.1(1)SY1", 
            "Cisco IOS 15.1(1)SY2", 
            "Cisco IOS 15.1(1)SY3", 
            "Cisco IOS 15.1(1)SY4", 
            "Cisco IOS 15.1(1)SY5", 
            "Cisco IOS 15.1(1)SY6", 
            "Cisco IOS 15.1(2)SY", 
            "Cisco IOS 15.1(2)SY1", 
            "Cisco IOS 15.1(2)SY2", 
            "Cisco IOS 15.1(2)SY3", 
            "Cisco IOS 15.1(2)SY4", 
            "Cisco IOS 15.1(2)SY4a", 
            "Cisco IOS 15.1(2)SY5", 
            "Cisco IOS 15.1(2)SY6", 
            "Cisco IOS 15.1(2)SY7", 
            "Cisco IOS 15.1(1)T", 
            "Cisco IOS 15.1(1)T1", 
            "Cisco IOS 15.1(1)T2", 
            "Cisco IOS 15.1(1)T3", 
            "Cisco IOS 15.1(1)T4", 
            "Cisco IOS 15.1(1)T5", 
            "Cisco IOS 15.1(2)T", 
            "Cisco IOS 15.1(2)T0a", 
            "Cisco IOS 15.1(2)T1", 
            "Cisco IOS 15.1(2)T2", 
            "Cisco IOS 15.1(2)T2a", 
            "Cisco IOS 15.1(2)T3", 
            "Cisco IOS 15.1(2)T4", 
            "Cisco IOS 15.1(2)T5", 
            "Cisco IOS 15.1(3)T", 
            "Cisco IOS 15.1(3)T1", 
            "Cisco IOS 15.1(3)T2", 
            "Cisco IOS 15.1(3)T3", 
            "Cisco IOS 15.1(3)T4", 
            "Cisco IOS 15.1(1)XB", 
            "Cisco IOS 15.2(1)E", 
            "Cisco IOS 15.2(1)E1", 
            "Cisco IOS 15.2(1)E2", 
            "Cisco IOS 15.2(1)E3", 
            "Cisco IOS 15.2(2)E", 
            "Cisco IOS 15.2(2)E1", 
            "Cisco IOS 15.2(2)E2", 
            "Cisco IOS 15.2(2)E4", 
            "Cisco IOS 15.2(2a)E1", 
            "Cisco IOS 15.2(3)E", 
            "Cisco IOS 15.2(3)E1", 
            "Cisco IOS 15.2(3)E2", 
            "Cisco IOS 15.2(3)E3", 
            "Cisco IOS 15.2(3a)E", 
            "Cisco IOS 15.2(3m)E2", 
            "Cisco IOS 15.2(3m)E3", 
            "Cisco IOS 15.2(3m)E8", 
            "Cisco IOS 15.2(4)E", 
            "Cisco IOS 15.2(4)E1", 
            "Cisco IOS 15.2(4m)E1", 
            "Cisco IOS 15.2(2)EB", 
            "Cisco IOS 15.2(2)EB1", 
            "Cisco IOS 15.2(2)EB2", 
            "Cisco IOS 15.2(1)EY", 
            "Cisco IOS 15.2(1)GC", 
            "Cisco IOS 15.2(1)GC1", 
            "Cisco IOS 15.2(1)GC2", 
            "Cisco IOS 15.2(2)GC", 
            "Cisco IOS 15.2(3)GC", 
            "Cisco IOS 15.2(3)GC1", 
            "Cisco IOS 15.2(4)GC", 
            "Cisco IOS 15.2(4)GC1", 
            "Cisco IOS 15.2(4)GC2", 
            "Cisco IOS 15.2(4)GC3", 
            "Cisco IOS 15.2(2)JA", 
            "Cisco IOS 15.2(2)JA1", 
            "Cisco IOS 15.2(4)JA", 
            "Cisco IOS 15.2(4)JA1", 
            "Cisco IOS 15.2(2)JAX", 
            "Cisco IOS 15.2(2)JAX1", 
            "Cisco IOS 15.2(2)JB", 
            "Cisco IOS 15.2(2)JB2", 
            "Cisco IOS 15.2(2)JB3", 
            "Cisco IOS 15.2(2)JB4", 
            "Cisco IOS 15.2(2)JB5", 
            "Cisco IOS 15.2(4)JB", 
            "Cisco IOS 15.2(4)JB1", 
            "Cisco IOS 15.2(4)JB2", 
            "Cisco IOS 15.2(4)JB3", 
            "Cisco IOS 15.2(4)JB3a", 
            "Cisco IOS 15.2(4)JB3b", 
            "Cisco IOS 15.2(4)JB3h", 
            "Cisco IOS 15.2(4)JB3s", 
            "Cisco IOS 15.2(4)JB4", 
            "Cisco IOS 15.2(4)JB5", 
            "Cisco IOS 15.2(4)JB5h", 
            "Cisco IOS 15.2(4)JB5m", 
            "Cisco IOS 15.2(4)JB50", 
            "Cisco IOS 15.2(4)JB6", 
            "Cisco IOS 15.2(4)JB7", 
            "Cisco IOS 15.2(2)JN1", 
            "Cisco IOS 15.2(2)JN2", 
            "Cisco IOS 15.2(4)JN", 
            "Cisco IOS 15.2(4)M", 
            "Cisco IOS 15.2(4)M1", 
            "Cisco IOS 15.2(4)M10", 
            "Cisco IOS 15.2(4)M11", 
            "Cisco IOS 15.2(4)M2", 
            "Cisco IOS 15.2(4)M3", 
            "Cisco IOS 15.2(4)M4", 
            "Cisco IOS 15.2(4)M5", 
            "Cisco IOS 15.2(4)M6", 
            "Cisco IOS 15.2(4)M6a", 
            "Cisco IOS 15.2(4)M7", 
            "Cisco IOS 15.2(4)M8", 
            "Cisco IOS 15.2(4)M9", 
            "Cisco IOS 15.2(1)S", 
            "Cisco IOS 15.2(1)S1", 
            "Cisco IOS 15.2(1)S2", 
            "Cisco IOS 15.2(2)S", 
            "Cisco IOS 15.2(2)S0a", 
            "Cisco IOS 15.2(2)S0c", 
            "Cisco IOS 15.2(2)S1", 
            "Cisco IOS 15.2(2)S2", 
            "Cisco IOS 15.2(4)S", 
            "Cisco IOS 15.2(4)S1", 
            "Cisco IOS 15.2(4)S2", 
            "Cisco IOS 15.2(4)S3", 
            "Cisco IOS 15.2(4)S3a", 
            "Cisco IOS 15.2(4)S4", 
            "Cisco IOS 15.2(4)S4a", 
            "Cisco IOS 15.2(4)S5", 
            "Cisco IOS 15.2(4)S6", 
            "Cisco IOS 15.2(4)S7", 
            "Cisco IOS 15.2(2)SNG", 
            "Cisco IOS 15.2(2)SNH1", 
            "Cisco IOS 15.2(2)SNI", 
            "Cisco IOS 15.2(1)SY", 
            "Cisco IOS 15.2(1)SY0a", 
            "Cisco IOS 15.2(1)SY1", 
            "Cisco IOS 15.2(1)SY1a", 
            "Cisco IOS 15.2(1)SY2", 
            "Cisco IOS 15.2(2)SY", 
            "Cisco IOS 15.2(2)SY1", 
            "Cisco IOS 15.2(1)T", 
            "Cisco IOS 15.2(1)T1", 
            "Cisco IOS 15.2(1)T2", 
            "Cisco IOS 15.2(1)T3", 
            "Cisco IOS 15.2(1)T3a", 
            "Cisco IOS 15.2(1)T4", 
            "Cisco IOS 15.2(2)T", 
            "Cisco IOS 15.2(2)T1", 
            "Cisco IOS 15.2(2)T2", 
            "Cisco IOS 15.2(2)T3", 
            "Cisco IOS 15.2(2)T4", 
            "Cisco IOS 15.2(3)T", 
            "Cisco IOS 15.2(3)T1", 
            "Cisco IOS 15.2(3)T2", 
            "Cisco IOS 15.2(3)T3", 
            "Cisco IOS 15.2(3)T4", 
            "Cisco IOS 15.3(3)JA", 
            "Cisco IOS 15.3(3)JA1", 
            "Cisco IOS 15.3(3)JA1m", 
            "Cisco IOS 15.3(3)JA1n", 
            "Cisco IOS 15.3(3)JA4", 
            "Cisco IOS 15.3(3)JA5", 
            "Cisco IOS 15.3(3)JA6", 
            "Cisco IOS 15.3(3)JA7", 
            "Cisco IOS 15.3(3)JA77", 
            "Cisco IOS 15.3(3)JA8", 
            "Cisco IOS 15.3(3)JA9", 
            "Cisco IOS 15.3(3)JAA", 
            "Cisco IOS 15.3(3)JAB", 
            "Cisco IOS 15.3(3)JAX", 
            "Cisco IOS 15.3(3)JAX1", 
            "Cisco IOS 15.3(3)JAX2", 
            "Cisco IOS 15.3(3)JB", 
            "Cisco IOS 15.3(3)JB75", 
            "Cisco IOS 15.3(3)JBB", 
            "Cisco IOS 15.3(3)JBB1", 
            "Cisco IOS 15.3(3)JBB2", 
            "Cisco IOS 15.3(3)JBB4", 
            "Cisco IOS 15.3(3)JBB5", 
            "Cisco IOS 15.3(3)JBB50", 
            "Cisco IOS 15.3(3)JBB6", 
            "Cisco IOS 15.3(3)JBB6a", 
            "Cisco IOS 15.3(3)JBB8", 
            "Cisco IOS 15.3(3)JC", 
            "Cisco IOS 15.3(3)JN3", 
            "Cisco IOS 15.3(3)JN4", 
            "Cisco IOS 15.3(3)JN7", 
            "Cisco IOS 15.3(3)JN8", 
            "Cisco IOS 15.3(3)JNB", 
            "Cisco IOS 15.3(3)JNB1", 
            "Cisco IOS 15.3(3)JNB2", 
            "Cisco IOS 15.3(3)JNB3", 
            "Cisco IOS 15.3(3)JNC", 
            "Cisco IOS 15.3(3)JNC1", 
            "Cisco IOS 15.3(3)JNP", 
            "Cisco IOS 15.3(3)JNP1", 
            "Cisco IOS 15.3(3)M", 
            "Cisco IOS 15.3(3)M1", 
            "Cisco IOS 15.3(3)M2", 
            "Cisco IOS 15.3(3)M3", 
            "Cisco IOS 15.3(3)M4", 
            "Cisco IOS 15.3(3)M5", 
            "Cisco IOS 15.3(3)M6", 
            "Cisco IOS 15.3(3)M7", 
            "Cisco IOS 15.3(1)S", 
            "Cisco IOS 15.3(1)S1", 
            "Cisco IOS 15.3(1)S2", 
            "Cisco IOS 15.3(2)S", 
            "Cisco IOS 15.3(2)S0a", 
            "Cisco IOS 15.3(2)S1", 
            "Cisco IOS 15.3(2)S2", 
            "Cisco IOS 15.3(3)S", 
            "Cisco IOS 15.3(3)S1", 
            "Cisco IOS 15.3(3)S1a", 
            "Cisco IOS 15.3(3)S2", 
            "Cisco IOS 15.3(3)S3", 
            "Cisco IOS 15.3(3)S4", 
            "Cisco IOS 15.3(3)S5", 
            "Cisco IOS 15.3(3)S6", 
            "Cisco IOS 15.3(3)S7", 
            "Cisco IOS 15.3(1)SY", 
            "Cisco IOS 15.3(1)T", 
            "Cisco IOS 15.3(1)T1", 
            "Cisco IOS 15.3(1)T2", 
            "Cisco IOS 15.3(1)T3", 
            "Cisco IOS 15.3(1)T4", 
            "Cisco IOS 15.3(2)T", 
            "Cisco IOS 15.3(2)T1", 
            "Cisco IOS 15.3(2)T2", 
            "Cisco IOS 15.3(2)T3", 
            "Cisco IOS 15.3(2)T4", 
            "Cisco IOS 15.4(1)CG", 
            "Cisco IOS 15.4(1)CG1", 
            "Cisco IOS 15.4(2)CG", 
            "Cisco IOS 15.4(3)M", 
            "Cisco IOS 15.4(3)M1", 
            "Cisco IOS 15.4(3)M2", 
            "Cisco IOS 15.4(3)M3", 
            "Cisco IOS 15.4(3)M4", 
            "Cisco IOS 15.4(3)M5", 
            "Cisco IOS 15.4(1)S", 
            "Cisco IOS 15.4(1)S1", 
            "Cisco IOS 15.4(1)S2", 
            "Cisco IOS 15.4(1)S3", 
            "Cisco IOS 15.4(1)S4", 
            "Cisco IOS 15.4(2)S", 
            "Cisco IOS 15.4(2)S1", 
            "Cisco IOS 15.4(2)S2", 
            "Cisco IOS 15.4(2)S3", 
            "Cisco IOS 15.4(2)S4", 
            "Cisco IOS 15.4(3)S", 
            "Cisco IOS 15.4(3)S1", 
            "Cisco IOS 15.4(3)S2", 
            "Cisco IOS 15.4(3)S3", 
            "Cisco IOS 15.4(3)S4", 
            "Cisco IOS 15.4(3)S5", 
            "Cisco IOS 15.4(1)T", 
            "Cisco IOS 15.4(1)T1", 
            "Cisco IOS 15.4(1)T2", 
            "Cisco IOS 15.4(1)T3", 
            "Cisco IOS 15.4(1)T4", 
            "Cisco IOS 15.4(2)T", 
            "Cisco IOS 15.4(2)T1", 
            "Cisco IOS 15.4(2)T2", 
            "Cisco IOS 15.4(2)T3", 
            "Cisco IOS 15.4(2)T4", 
            "Cisco IOS 15.5(3)M", 
            "Cisco IOS 15.5(3)M0a", 
            "Cisco IOS 15.5(3)M1", 
            "Cisco IOS 15.5(3)M2", 
            "Cisco IOS 15.5(1)S", 
            "Cisco IOS 15.5(1)S1", 
            "Cisco IOS 15.5(1)S2", 
            "Cisco IOS 15.5(1)S3", 
            "Cisco IOS 15.5(2)S", 
            "Cisco IOS 15.5(2)S1", 
            "Cisco IOS 15.5(2)S2", 
            "Cisco IOS 15.5(2)S3", 
            "Cisco IOS 15.5(3)S", 
            "Cisco IOS 15.5(3)S0a", 
            "Cisco IOS 15.5(3)S1", 
            "Cisco IOS 15.5(3)S1a", 
            "Cisco IOS 15.5(3)S2", 
            "Cisco IOS 15.5(3)SN", 
            "Cisco IOS 15.5(1)T4", 
            "Cisco IOS 15.5(2)T4", 
            "Cisco IOS 15.5(1)T", 
            "Cisco IOS 15.5(1)T1", 
            "Cisco IOS 15.5(1)T2", 
            "Cisco IOS 15.5(1)T3", 
            "Cisco IOS 15.5(2)T", 
            "Cisco IOS 15.5(2)T1", 
            "Cisco IOS 15.5(2)T2", 
            "Cisco IOS 15.5(2)T3", 
            "Cisco IOS 15.6(1)S", 
            "Cisco IOS 15.6(1)S1", 
            "Cisco IOS 15.6(2)S", 
            "Cisco IOS 15.6(2)SN", 
            "Cisco IOS 15.6(1)T", 
            "Cisco IOS 15.6(1)T0a", 
            "Cisco IOS 15.6(1)T1", 
            "Cisco IOS XE Software 3.18S 3.18.0S", 
            "Cisco IOS XE Software 3.8E 3.8.0E", 
            "Cisco IOS XE Software 3.8E 3.8.1E", 
            "Cisco IOS XE Software 3.1S 3.1.3aS", 
            "Cisco IOS XE Software 3.1S 3.1.0S", 
            "Cisco IOS XE Software 3.1S 3.1.1S", 
            "Cisco IOS XE Software 3.1S 3.1.2S", 
            "Cisco IOS XE Software 3.1S 3.1.4S", 
            "Cisco IOS XE Software 3.1S 3.1.4aS", 
            "Cisco IOS XE Software 3.2S 3.2.1S", 
            "Cisco IOS XE Software 3.2S 3.2.2S", 
            "Cisco IOS XE Software 3.3S 3.3.0S", 
            "Cisco IOS XE Software 3.3S 3.3.1S", 
            "Cisco IOS XE Software 3.3S 3.3.2S", 
            "Cisco IOS XE Software 3.3SG 3.3.0SG", 
            "Cisco IOS XE Software 3.3SG 3.3.1SG", 
            "Cisco IOS XE Software 3.3SG 3.3.2SG", 
            "Cisco IOS XE Software 3.3XO 3.3.0XO", 
            "Cisco IOS XE Software 3.3XO 3.3.1XO", 
            "Cisco IOS XE Software 3.4S 3.4.0S", 
            "Cisco IOS XE Software 3.4S 3.4.0aS", 
            "Cisco IOS XE Software 3.4S 3.4.1S", 
            "Cisco IOS XE Software 3.4S 3.4.2S", 
            "Cisco IOS XE Software 3.4S 3.4.3S", 
            "Cisco IOS XE Software 3.4S 3.4.4S", 
            "Cisco IOS XE Software 3.4S 3.4.5S", 
            "Cisco IOS XE Software 3.4S 3.4.6S", 
            "Cisco IOS XE Software 3.4SG 3.4.0SG", 
            "Cisco IOS XE Software 3.4SG 3.4.1SG", 
            "Cisco IOS XE Software 3.4SG 3.4.2SG", 
            "Cisco IOS XE Software 3.4SG 3.4.3SG", 
            "Cisco IOS XE Software 3.4SG 3.4.4SG", 
            "Cisco IOS XE Software 3.4SG 3.4.5SG", 
            "Cisco IOS XE Software 3.4SG 3.4.6SG", 
            "Cisco IOS XE Software 3.4SG 3.4.7SG", 
            "Cisco IOS XE Software 3.5E 3.5.0E", 
            "Cisco IOS XE Software 3.5E 3.5.1E", 
            "Cisco IOS XE Software 3.5E 3.5.2E", 
            "Cisco IOS XE Software 3.5E 3.5.3E", 
            "Cisco IOS XE Software 3.5S 3.5.0S", 
            "Cisco IOS XE Software 3.5S 3.5.1S", 
            "Cisco IOS XE Software 3.5S 3.5.2S", 
            "Cisco IOS XE Software 3.6E 3.6.4E", 
            "Cisco IOS XE Software 3.6E 3.6.0E", 
            "Cisco IOS XE Software 3.6E 3.6.1E", 
            "Cisco IOS XE Software 3.6E 3.6.2aE", 
            "Cisco IOS XE Software 3.6E 3.6.2E", 
            "Cisco IOS XE Software 3.6E 3.6.3E", 
            "Cisco IOS XE Software 3.6S 3.6.0S", 
            "Cisco IOS XE Software 3.6S 3.6.1S", 
            "Cisco IOS XE Software 3.6S 3.6.2S", 
            "Cisco IOS XE Software 3.7E 3.7.3E", 
            "Cisco IOS XE Software 3.7E 3.7.0E", 
            "Cisco IOS XE Software 3.7E 3.7.1E", 
            "Cisco IOS XE Software 3.7E 3.7.2E", 
            "Cisco IOS XE Software 3.7S 3.7.0S", 
            "Cisco IOS XE Software 3.7S 3.7.1S", 
            "Cisco IOS XE Software 3.7S 3.7.2S", 
            "Cisco IOS XE Software 3.7S 3.7.2tS", 
            "Cisco IOS XE Software 3.7S 3.7.3S", 
            "Cisco IOS XE Software 3.7S 3.7.4S", 
            "Cisco IOS XE Software 3.7S 3.7.4aS", 
            "Cisco IOS XE Software 3.7S 3.7.5S", 
            "Cisco IOS XE Software 3.7S 3.7.6S", 
            "Cisco IOS XE Software 3.7S 3.7.7S", 
            "Cisco IOS XE Software 3.8S 3.8.0S", 
            "Cisco IOS XE Software 3.8S 3.8.1S", 
            "Cisco IOS XE Software 3.8S 3.8.2S", 
            "Cisco IOS XE Software 3.9S 3.9.0S", 
            "Cisco IOS XE Software 3.9S 3.9.0aS", 
            "Cisco IOS XE Software 3.9S 3.9.1S", 
            "Cisco IOS XE Software 3.9S 3.9.1aS", 
            "Cisco IOS XE Software 3.9S 3.9.2S", 
            "Cisco IOS XE Software 3.10S 3.10.0S", 
            "Cisco IOS XE Software 3.10S 3.10.1S", 
            "Cisco IOS XE Software 3.10S 3.10.1xbS", 
            "Cisco IOS XE Software 3.10S 3.10.2S", 
            "Cisco IOS XE Software 3.10S 3.10.3S", 
            "Cisco IOS XE Software 3.10S 3.10.4S", 
            "Cisco IOS XE Software 3.10S 3.10.5S", 
            "Cisco IOS XE Software 3.10S 3.10.6S", 
            "Cisco IOS XE Software 3.10S 3.10.7S", 
            "Cisco IOS XE Software 3.11S 3.11.0S", 
            "Cisco IOS XE Software 3.11S 3.11.1S", 
            "Cisco IOS XE Software 3.11S 3.11.2S", 
            "Cisco IOS XE Software 3.11S 3.11.3S", 
            "Cisco IOS XE Software 3.11S 3.11.4S", 
            "Cisco IOS XE Software 3.12S 3.12.0S", 
            "Cisco IOS XE Software 3.12S 3.12.0aS", 
            "Cisco IOS XE Software 3.12S 3.12.1S", 
            "Cisco IOS XE Software 3.12S 3.12.4S", 
            "Cisco IOS XE Software 3.12S 3.12.2S", 
            "Cisco IOS XE Software 3.12S 3.12.3S", 
            "Cisco IOS XE Software 3.13S 3.13.2aS", 
            "Cisco IOS XE Software 3.13S 3.13.5S", 
            "Cisco IOS XE Software 3.13S 3.13.0S", 
            "Cisco IOS XE Software 3.13S 3.13.0aS", 
            "Cisco IOS XE Software 3.13S 3.13.1S", 
            "Cisco IOS XE Software 3.13S 3.13.2S", 
            "Cisco IOS XE Software 3.13S 3.13.3S", 
            "Cisco IOS XE Software 3.13S 3.13.4S", 
            "Cisco IOS XE Software 3.14S 3.14.0S", 
            "Cisco IOS XE Software 3.14S 3.14.1S", 
            "Cisco IOS XE Software 3.14S 3.14.2S", 
            "Cisco IOS XE Software 3.14S 3.14.3S", 
            "Cisco IOS XE Software 3.15S 3.15.1cS", 
            "Cisco IOS XE Software 3.15S 3.15.3S", 
            "Cisco IOS XE Software 3.15S 3.15.0S", 
            "Cisco IOS XE Software 3.15S 3.15.1S", 
            "Cisco IOS XE Software 3.15S 3.15.2S", 
            "Cisco IOS XE Software 3.17S 3.17.0S", 
            "Cisco IOS XE Software 3.17S 3.17.1S", 
            "Cisco IOS XE Software 16.1 16.1.1", 
            "Cisco IOS XE Software 16.1 16.1.2", 
            "Cisco IOS XE Software 3.16S 3.16.0S", 
            "Cisco IOS XE Software 3.16S 3.16.0cS", 
            "Cisco IOS XE Software 3.16S 3.16.1S", 
            "Cisco IOS XE Software 3.16S 3.16.1aS", 
            "Cisco IOS XE Software 3.16S 3.16.2S", 
            "Cisco IOS XE Software 3.16S 3.16.2aS"
        ], 
        "last_updated": "2016-09-28T21:00:00+0000", 
        "publication_url": [
            "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1", 
            "http://tools.cisco.com/security/center/content/CiscoSecurityBundle/cisco-sa-20160928-bundle", 
            "http://tools.cisco.com/security/center/content/CiscoSecurityBundle/cisco-sa-20160928-bundle", 
            "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513", 
            "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513"
        ], 
        "sir": "High", 
        "summary": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. \n\n\n\nThe vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system.\n\n\n\nNote: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.\n\n\n\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\n\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\"]\n\n\n\nThis advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of ?High.? For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication[\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513\"].\n", 
        "vulns": [
            {
                "vuln_base_score": "7.1", 
                "vuln_bug_ids": [
                    "CSCuy47382"
                ], 
                "vuln_cve": "CVE-2016-6381", 
                "vuln_title": "Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability"
            }
        ]
    },

AFTER:

{
        "advisory_id": "cisco-sa-20160928-ios-ikev1", 
        "advisory_title": "Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability", 
        "bug_ids": [
            "CSCuy47382"
        ], 
        "cves": [
            "CVE-2016-6381"
        ], 
        "cvrf_url": "https://tools.cisco.com/security/center/contentxml/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1/cvrf/cisco-sa-20160928-ios-ikev1_cvrf.xml", 
        "cvss_base_score": "7.1", 
        "cwe": [
            "CWE-399"
        ], 
        "first_published": "2016-09-28T16:00:00-0500", 
        "last_updated": "2016-09-28T16:00:00-0500", 
        "product_names": [
            "Cisco Catalyst Switch Manager", 
            "Cisco IOS Software Releases 12.4 T", 
            "Cisco IOS Software Releases 12.4 Special and Early Deployments", 
            "Cisco IOS XE Release 2", 
            "Cisco IOS Software Release 12.4(22)MD", 
            "Cisco IOS Software Release 12.4(22)T", 
            "Cisco IOS Software Release 12.4(22)YB", 
            "Cisco IOS Software Release 12.4(24)T", 
            "Cisco IOS Software Release 12.4(22)YD", 
            "Cisco IOS Software Release 12.4(22)YE", 
            "Cisco IOS 15.0M", 
            "Cisco IOS 15.0 Special and Early Deployments", 
            "Cisco IOS 15.1M&T", 
            "Cisco IOS 15.1 Special and Early Deployments", 
            "Cisco IOS Software Release 15.0(1)M", 
            "Cisco IOS Software Release 15.1(1)T", 
            "Cisco IOS Software Release 15.0(1)XA", 
            "Cisco IOS Software Release 15.1(1)XB", 
            "Cisco IOS 15.0S", 
            "Cisco IOS Software Release 12.4(24)YE", 
            "Cisco IOS Software Release 15.0(1)S", 
            "Cisco IOS Software Release 15.1(2)T", 
            "Cisco IOS XE 3S", 
            "Cisco IOS 15.1S", 
            "Cisco IOS Software Release 15.1(3)T", 
            "Cisco IOS Software Release 15.1(4)M", 
            "Cisco IOS Software Release 15.1(1)S", 
            "Cisco IOS XE 3.1S", 
            "Cisco IOS XE 3.2S", 
            "Cisco IOS Software Release 15.1(2)S", 
            "Cisco IOS XE 3.3S", 
            "Cisco IOS XE 3.4S", 
            "Cisco IOS 15.2M&T", 
            "Cisco IOS Software Release 15.2(1)T", 
            "Cisco IOS Software Release 15.1(3)S", 
            "Cisco IOS 15.0SE", 
            "Cisco IOS XE 3.5S", 
            "Cisco IOS 15.3S", 
            "Cisco IOS Software Release 15.3(1)S", 
            "Cisco IOS Software Release 15.3(2)S", 
            "Cisco IOS Software Release 15.3(3)S", 
            "Cisco IOS 15.4S", 
            "Cisco IOS Software Release 15.3(2)T", 
            "Cisco IOS 15.2E", 
            "Cisco IOS XE 3E", 
            "Cisco IOS Software Release 15.2(1)E", 
            "Cisco IOS XE 3.5E", 
            "Cisco IOS Software Release 15.4(1)S", 
            "Cisco IOS 15.4M&T", 
            "Cisco IOS XE 3.11S", 
            "Cisco IOS Software Release 15.4(1)T", 
            "Cisco IOS Software Release 15.4(2)S", 
            "Cisco IOS XE 3.12S", 
            "Cisco IOS Software Release 15.4(2)T", 
            "Cisco Industrial Ethernet 4000 Series Switches", 
            "Cisco IOS 15.5M&T", 
            "Cisco IOS Software Release 15.5(1)T", 
            "Cisco IOS Software Release 15.4(3)S", 
            "Cisco IOS XE 3.13S", 
            "Cisco IOS Software Release 15.4(3)M", 
            "Cisco IOS Software Release 15.2(3)E", 
            "Cisco IOS Software Release 15.5(1)S", 
            "Cisco IOS 15.2SY", 
            "Cisco IOS XE 3.14S", 
            "Cisco IOS Software Release 15.5(2)T", 
            "Cisco IOS XE 3.7E", 
            "Cisco IOS XE 3.15S", 
            "Cisco IOS 15.5S", 
            "Cisco IOS Software Release 15.2(1)SY", 
            "Cisco IOS Software Release 15.5(2)S", 
            "Cisco Industrial Ethernet 5000 Series Switches"
        ], 
        "publication_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1", 
        "sir": "High", 
        "summary": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. <br />\n<br />\nThe vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system.<br />\n<br />\n<strong>Note:</strong> Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.<br />\n<br />\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br />\n<br />\nThis advisory is available at the following link:<br />\n<a href=\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1</a><br />\n<br />\nThis advisory is part of the September 28, 2016, release of the Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of &ldquo;High.&rdquo; For a complete list of the advisories and links to them, see <a href=\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513\">Cisco Event Response: September 2016 Semiannual Cisco&nbsp;IOS and IOS&nbsp;XE Software Security Advisory Bundled Publication</a>.<br />"
    },
santosomar commented 7 years ago

Hi Chris,

For IOS and IOS-XE we are working on an integration with IOS software checker, on where you will get better results. For instance, you will get all the advisories related to a specific IOS/XE version, as well as the first fixed release information. This should be available within a couple of weeks and we will make an announcement in mid-January.

You will also be able to query on a per-product basis, as well...

Thanks for your patience, as we develop these new capabilities.

Thanks! Omar

cmsirbu commented 7 years ago

That's great news, I've had to do some crazy black magic to match IOS-XE version to CVRF product names!

On this particular problem though, please re-open the issue as the library now outputs a very incomplete "product_names" list from the XML it receives via the API call. Maybe I wasn't very clear in the previous post, but the BEFORE and AFTER show the discrepancy (I'm expecting that the contents of "product_names" and "full_product_name_list" should be the same).