[ { "advisoryKey": "BDU:2025-00001", "affectedPackages": [ { "type": "vendor", "identifier": "ООО «1С-Софт» 1С:Предприятие", "platform": null, "versionRanges": [ { "fixedVersion": null, "introducedVersion": null, "lastAffectedVersion": null, "primitives": null, "provenance": { "source": "ru-bdu", "kind": "package-range", "value": "8.2.19.116", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].versionranges[]" ] }, "rangeExpression": "8.2.19.116", "rangeKind": "string" } ], "normalizedVersions": [ { "scheme": "ru-bdu.raw", "type": "exact", "min": null, "minInclusive": null, "max": null, "maxInclusive": null, "value": "8.2.19.116", "notes": null } ], "statuses": [ { "provenance": { "source": "ru-bdu", "kind": "package-status", "value": "Подтверждена производителем", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].statuses[]" ] }, "status": "affected" }, { "provenance": { "source": "ru-bdu", "kind": "package-fix-status", "value": "Уязвимость устранена", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].statuses[]" ] }, "status": "fixed" } ], "provenance": [ { "source": "ru-bdu", "kind": "package", "value": "ООО «1С-Софт» 1С:Предприятие", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[]" ] } ] }, { "type": "vendor", "identifier": "ООО «1С-Софт» 1С:Предприятие", "platform": "Windows", "versionRanges": [ { "fixedVersion": null, "introducedVersion": null, "lastAffectedVersion": null, "primitives": null, "provenance": { "source": "ru-bdu", "kind": "package-range", "value": "8.2.18.96", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].versionranges[]" ] }, "rangeExpression": "8.2.18.96", "rangeKind": "string" } ], "normalizedVersions": [ { "scheme": "ru-bdu.raw", "type": "exact", "min": null, "minInclusive": null, "max": null, "maxInclusive": null, "value": "8.2.18.96", "notes": null } ], "statuses": [ { "provenance": { "source": "ru-bdu", "kind": "package-status", "value": "Подтверждена производителем", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].statuses[]" ] }, "status": "affected" }, { "provenance": { "source": "ru-bdu", "kind": "package-fix-status", "value": "Уязвимость устранена", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[].statuses[]" ] }, "status": "fixed" } ], "provenance": [ { "source": "ru-bdu", "kind": "package", "value": "ООО «1С-Софт» 1С:Предприятие", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "affectedpackages[]" ] } ] } ], "aliases": [ "BDU:2025-00001", "CVE-2009-3555", "CVE-2015-0206", "PT-2015-0206" ], "credits": [], "cvssMetrics": [ { "baseScore": 7.5, "baseSeverity": "high", "provenance": { "source": "ru-bdu", "kind": "cvss", "value": "CVSS:2.0/AV:N/AC:L/AU:N/C:P/I:P/A:P", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "cvssmetrics[]" ] }, "vector": "CVSS:2.0/AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" }, { "baseScore": 9.8, "baseSeverity": "critical", "provenance": { "source": "ru-bdu", "kind": "cvss", "value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "cvssmetrics[]" ] }, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "exploitKnown": true, "language": "ru", "modified": "2013-01-12T00:00:00+00:00", "provenance": [ { "source": "ru-bdu", "kind": "advisory", "value": "BDU:2025-00001", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "advisory" ] } ], "published": "2013-01-12T00:00:00+00:00", "references": [ { "kind": "source", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "http://mirror.example/ru-bdu/BDU-2025-00001", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "ru-bdu", "summary": null, "url": "http://mirror.example/ru-bdu/BDU-2025-00001" }, { "kind": "source", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://advisories.example/BDU-2025-00001", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "ru-bdu", "summary": null, "url": "https://advisories.example/BDU-2025-00001" }, { "kind": "details", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://bdu.fstec.ru/vul/2025-00001", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "ru-bdu", "summary": null, "url": "https://bdu.fstec.ru/vul/2025-00001" }, { "kind": "cwe", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://cwe.mitre.org/data/definitions/310.html", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "cwe", "summary": "Проблемы использования криптографии", "url": "https://cwe.mitre.org/data/definitions/310.html" }, { "kind": "cve", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "cve", "summary": "CVE-2009-3555", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "kind": "cve", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-0206", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "cve", "summary": "CVE-2015-0206", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0206" }, { "kind": "external", "provenance": { "source": "ru-bdu", "kind": "reference", "value": "https://ptsecurity.com/PT-2015-0206", "decisionReason": null, "recordedAt": "2025-10-14T08:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "positivetechnologiesadvisory", "summary": "PT-2015-0206", "url": "https://ptsecurity.com/PT-2015-0206" } ], "severity": "critical", "summary": "Удалённый злоумышленник может вызвать отказ в обслуживании или получить доступ к данным.", "title": "Множественные уязвимости криптопровайдера" } ]