{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/636397#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\nIP Encapsulation within IP (RFC2003 IP-in-IP) can be abused by an unauthenticated attacker to unexpectedly route arbitrary network traffic through a vulnerable device.\r\n\r\n### Description\r\nIP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of IP-in-IP, the traffic is unencrypted. As specified, the protocol unwraps the inner IP packet and forwards this packet through IP routing tables, potentially providing unexpected access to network paths available to the vulnerable device. An IP-in-IP device is considered to be vulnerable if it accepts IP-in-IP packets from any source to any destination without explicit configuration between the specified source and destination IP addresses. This unexpected Data Processing Error (CWE-19)  by a vulnerable device can be abused to perform reflective DDoS and in certain scenarios used to bypass network access control lists. Because the forwarded network packet may not be inspected or verified by vulnerable devices, there are possibly other unexpected behaviors that can be abused by an attacker on the target device or the target device's network environment.\r\n\r\n### Impact\r\nAn unauthenticated attacker can route network traffic through a vulnerable device, which may lead to reflective DDoS, information leak and bypass of network access controls.\r\n\r\n### Solution\r\n#### Apply updates\r\nThe CERT/CC recommends that you apply the latest patch provided by the affected vendor that addresses this issue. Review the vendor information below or contact your vendor or supplier for specific mitigation advice. If a device has the ability to disable IP-in-IP in its configuration, it is recommended that you disable IP-in-IP in all interfaces that do not require this feature. Device manufacturers are urged to disable IP-in-IP in their default configuration and to require their customers to explicitly configure IP-in-IP as and when needed.\r\n\r\n#### Disable IP-in-IP\r\nUsers can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and *not* IP protocol version 4 (IPv4).\r\n\r\n#### Proof of Concept (PoC)\r\nA proof-of-concept originally written by Yannay Livneh is [available](https://github.com/CERTCC/PoC-Exploits/tree/master/cve-2020-10136) in the CERT/CC PoC respository.\r\n\r\n#### Detection Signature (IDS)\r\nThis Snort IDS rule looks for any IP-in-IP traffic, whether intentional or not seen at upstream network path of a vulnerable device. This Snort or Suricata rule can be modified to apply filters that ignore sources and destinations that are allowed by policy to route IP-in-IP  traffic.\r\n\r\n`alert ip any any -> any any (msg: \"IP-in-IP Tunneling VU#636397 https://kb.cert.org\"; ip_proto:4; sid: 1367636397; rev:1;)\r\n`\r\n\r\n### Acknowledgements\r\nThanks to Yannay Livneh  for reporting this issue to us.\r\n\r\nThis document was written by Vijay Sarvepalli.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"Aruba Networks has tested products across our range and has not found the vulnerable behavior to be allowed anywhere. To the best of our knowledge no Aruba Network products are affected by this vulnerability.","title":"Vendor statment from Aruba Networks"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on Aruba Networks notes"},{"category":"other","text":"Allegro Software does not provide operating systems or network TCP/IP stack. Only webserver software is OEM sold to device manufacturers","title":"Vendor statment from Allegro Software Development Corporation"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on Allegro Software Development Corporation notes"},{"category":"other","text":"As of September 12, 2016, HP has acquired and presently owns Samsung printer’s division. Please see HP vendor section for further information.\r\nhttps://investor.hp.com/news/press-release-details/2016/HP-Acquires-Samsung-Printer-Business/default.aspx","title":"CERT/CC comment on Samsung notes"},{"category":"other","text":"No statement is currently available from the vendor regarding this vulnerability.","title":"Vendor statment from TP-LINK"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on TP-LINK notes"},{"category":"other","text":"HP Security Bulletin c06640149 addresses this vulnerability along with others impacting HP Samsung branded printers.\r\nhttps://support.hp.com/us-en/document/c06640149","title":"CERT/CC comment on HP Inc. notes"},{"category":"other","text":"No statement is currently available from the vendor regarding this vulnerability.","title":"Vendor statment from Maipu Communication Technology"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on Maipu Communication Technology notes"},{"category":"other","text":"LANCOM Systems products are not vulnerable to these vulnerabilities.","title":"Vendor statment from LANCOM Systems GmbH"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on LANCOM Systems GmbH notes"},{"category":"other","text":"We have surveyed our products and determined we are unaffected by this issue.","title":"Vendor statment from Sierra Wireless"},{"category":"other","text":"Please visit Cisco public advisory\r\n https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4","title":"Vendor statment from Cisco"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on Cisco notes"},{"category":"other","text":"Starting with Treck release 6.0.1.67, configuring a 6over4 tunnel no longer automatically enables IP encapsulation within IP","title":"Vendor statment from Treck"},{"category":"other","text":"Please update your Treck embedded TCP/IP software to the version 6.0.1.67 or later to prevent unexpected tunneling behavior in your TCP/IP stack.","title":"CERT/CC comment on Treck notes"},{"category":"other","text":"Default configurations of illumos, even where packet-forwarding is enabled (see the routeadm(1M) man page), should not be vulnerable to this attack.","title":"Vendor statment from Joyent"},{"category":"other","text":"There are no additional comments at this time.","title":"CERT/CC comment on Joyent notes"},{"category":"other","text":"SAROS VERSION 8.1.0.1 (Bootloader 7.67) released on 23 April 2020 fixes this issue.","title":"Vendor statment from Digi International"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/636397"},{"url":"https://tools.ietf.org/html/rfc2003","summary":"https://tools.ietf.org/html/rfc2003"},{"url":"https://tools.ietf.org/html/rfc6169","summary":"https://tools.ietf.org/html/rfc6169"},{"url":"https://github.com/CERTCC/PoC-Exploits/tree/master/cve-2020-10136","summary":"https://github.com/CERTCC/PoC-Exploits/tree/master/cve-2020-10136"},{"url":"https://support.hp.com/us-en/document/c06640149","summary":"Reference(s) from vendor \"HP Inc.\""},{"url":"https://www.sierrawireless.com/company/security/","summary":"Reference(s) from vendor \"Sierra Wireless\""},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4","summary":"Reference(s) from vendor \"Cisco\""},{"url":"https://www.digi.com/resources/security","summary":"Reference(s) from vendor \"Digi International\""}],"title":"IP-in-IP protocol routes arbitrary traffic by default","tracking":{"current_release_date":"2020-09-30T18:58:55+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#636397","initial_release_date":"2020-06-01 00:00:00+00:00","revision_history":[{"date":"2020-09-30T18:58:55+00:00","number":"1.20200930185855.14","summary":"Released on 2020-09-30T18:58:55+00:00"}],"status":"final","version":"1.20200930185855.14"}},"vulnerabilities":[{"title":"Decapsulation and routing of unidentified IP-in-IP traffic allows a remote, unauthenticated attacker to route arbitrary network traffic through vulnerable devices\".","notes":[{"category":"summary","text":"Decapsulation and routing of unidentified IP-in-IP traffic allows a remote, unauthenticated attacker to route arbitrary network traffic through vulnerable devices\""}],"cve":"CVE-2020-10136","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#636397"}],"product_status":{"known_affected":["CSAFPID-1ecda176-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ecdee1a-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed062b2-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed09dfe-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed2700c-3a7e-11f1-a172-0afffb3ee71d"],"known_not_affected":["CSAFPID-1ecfc4ce-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed027e8-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed0cd60-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed38f78-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1ed3f652-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1edc2160-3a7e-11f1-a172-0afffb3ee71d","CSAFPID-1edf9926-3a7e-11f1-a172-0afffb3ee71d"]}}],"product_tree":{"branches":[{"category":"vendor","name":"Samsung","product":{"name":"Samsung Products","product_id":"CSAFPID-1ecda176-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"HP Inc.","product":{"name":"HP Inc. Products","product_id":"CSAFPID-1ecdee1a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-1ece224a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Lynx Software Technologies","product":{"name":"Lynx Software Technologies Products","product_id":"CSAFPID-1ece5df0-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"European Registry for Internet Domains","product":{"name":"European Registry for Internet Domains Products","product_id":"CSAFPID-1ece955e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Linksys","product":{"name":"Linksys Products","product_id":"CSAFPID-1eced578-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"WizNET Technology","product":{"name":"WizNET Technology Products","product_id":"CSAFPID-1ecf1380-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-1ecf4a08-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Maipu Communication Technology","product":{"name":"Maipu Communication Technology Products","product_id":"CSAFPID-1ecf869e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"LANCOM Systems GmbH","product":{"name":"LANCOM Systems GmbH Products","product_id":"CSAFPID-1ecfc4ce-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Sierra Wireless","product":{"name":"Sierra Wireless Products","product_id":"CSAFPID-1ed027e8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-1ed062b2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Treck","product":{"name":"Treck Products","product_id":"CSAFPID-1ed09dfe-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Joyent","product":{"name":"Joyent Products","product_id":"CSAFPID-1ed0cd60-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"LiteSpeed Technologies","product":{"name":"LiteSpeed Technologies Products","product_id":"CSAFPID-1ed1104a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"BlackBerry","product":{"name":"BlackBerry Products","product_id":"CSAFPID-1ed14150-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"NEC Corporation","product":{"name":"NEC Corporation Products","product_id":"CSAFPID-1ed17f4e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Green Hills Software","product":{"name":"Green Hills Software Products","product_id":"CSAFPID-1ed1d368-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-1ed21788-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-1ed2700c-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"HardenedBSD","product":{"name":"HardenedBSD Products","product_id":"CSAFPID-1ed2a018-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Lancope","product":{"name":"Lancope Products","product_id":"CSAFPID-1ed2e014-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"LibreSSL","product":{"name":"LibreSSL Products","product_id":"CSAFPID-1ed30f30-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"AhnLab Inc","product":{"name":"AhnLab Inc Products","product_id":"CSAFPID-1ed34ba8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Allegro Software Development Corporation","product":{"name":"Allegro Software Development Corporation Products","product_id":"CSAFPID-1ed38f78-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Geexbox","product":{"name":"Geexbox Products","product_id":"CSAFPID-1ed3c754-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-1ed3f652-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Intel","product":{"name":"Intel Products","product_id":"CSAFPID-1ed42960-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Rocket RTOS (Inactive)","product":{"name":"Rocket RTOS (Inactive) Products","product_id":"CSAFPID-1ed4566a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"NetBurner","product":{"name":"NetBurner Products","product_id":"CSAFPID-1ed48360-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Advantech B-B Technology","product":{"name":"Advantech B-B Technology Products","product_id":"CSAFPID-1ed4b178-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Cambium Networks","product":{"name":"Cambium Networks Products","product_id":"CSAFPID-1ed4f610-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"EfficientIP","product":{"name":"EfficientIP Products","product_id":"CSAFPID-1ed53ee0-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Secure64 Software Corporation","product":{"name":"Secure64 Software Corporation Products","product_id":"CSAFPID-1ed584ae-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Symantec","product":{"name":"Symantec Products","product_id":"CSAFPID-1ed5c63a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Arch Linux","product":{"name":"Arch Linux Products","product_id":"CSAFPID-1ed608ca-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Ubiquiti Networks","product":{"name":"Ubiquiti Networks Products","product_id":"CSAFPID-1ed6413c-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-1ed673be-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"netsnmpj","product":{"name":"netsnmpj Products","product_id":"CSAFPID-1ed6a1ea-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"ARRIS","product":{"name":"ARRIS Products","product_id":"CSAFPID-1ed6d106-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"TippingPoint Technologies Inc.","product":{"name":"TippingPoint Technologies Inc. Products","product_id":"CSAFPID-1ed71134-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-1ed74db6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Gentoo Linux","product":{"name":"Gentoo Linux Products","product_id":"CSAFPID-1ed7b300-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Nexenta","product":{"name":"Nexenta Products","product_id":"CSAFPID-1ed7fdf6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"eero","product":{"name":"eero Products","product_id":"CSAFPID-1ed8634a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Dell SecureWorks","product":{"name":"Dell SecureWorks Products","product_id":"CSAFPID-1ed8c1f0-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Barracuda Networks","product":{"name":"Barracuda Networks Products","product_id":"CSAFPID-1ed8fd64-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Fedora Project","product":{"name":"Fedora Project Products","product_id":"CSAFPID-1ed92ffa-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Proxim Inc.","product":{"name":"Proxim Inc. Products","product_id":"CSAFPID-1ed999fe-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-1ed9d1d0-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Xiaomi","product":{"name":"Xiaomi Products","product_id":"CSAFPID-1eda1032-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Deutsche Telekom","product":{"name":"Deutsche Telekom Products","product_id":"CSAFPID-1eda68ca-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Akamai Technologies Inc.","product":{"name":"Akamai Technologies Inc. Products","product_id":"CSAFPID-1eda98cc-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"DesktopBSD","product":{"name":"DesktopBSD Products","product_id":"CSAFPID-1edac798-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"SmoothWall","product":{"name":"SmoothWall Products","product_id":"CSAFPID-1edaff92-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"NLnet Labs","product":{"name":"NLnet Labs Products","product_id":"CSAFPID-1edb2ee0-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"D-Link Systems Inc.","product":{"name":"D-Link Systems Inc. Products","product_id":"CSAFPID-1edb7ba2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Contiki OS","product":{"name":"Contiki OS Products","product_id":"CSAFPID-1edbb252-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Tenable Network Security","product":{"name":"Tenable Network Security Products","product_id":"CSAFPID-1edbef88-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"TP-LINK","product":{"name":"TP-LINK Products","product_id":"CSAFPID-1edc2160-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"NetBSD","product":{"name":"NetBSD Products","product_id":"CSAFPID-1edc5162-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Sonos","product":{"name":"Sonos Products","product_id":"CSAFPID-1edc8088-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Google","product":{"name":"Google Products","product_id":"CSAFPID-1edcb404-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Turbolinux","product":{"name":"Turbolinux Products","product_id":"CSAFPID-1edcf036-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"OpenConnect Ltd","product":{"name":"OpenConnect Ltd Products","product_id":"CSAFPID-1edd1fac-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Dell","product":{"name":"Dell Products","product_id":"CSAFPID-1edd599a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Mitel Networks Inc.","product":{"name":"Mitel Networks Inc. Products","product_id":"CSAFPID-1edd8e1a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Nominum","product":{"name":"Nominum Products","product_id":"CSAFPID-1eddd6cc-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-1ede1e34-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Cirpack","product":{"name":"Cirpack Products","product_id":"CSAFPID-1ede5c32-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Aspera Inc.","product":{"name":"Aspera Inc. Products","product_id":"CSAFPID-1ede9f6c-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Sony","product":{"name":"Sony Products","product_id":"CSAFPID-1edecfe6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Cypress Semiconductor","product":{"name":"Cypress Semiconductor Products","product_id":"CSAFPID-1edf0024-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"ADTRAN","product":{"name":"ADTRAN Products","product_id":"CSAFPID-1edf2e96-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"CZ.NIC","product":{"name":"CZ.NIC Products","product_id":"CSAFPID-1edf6ab4-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Technicolor","product":{"name":"Technicolor Products","product_id":"CSAFPID-1edf9926-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Openwall GNU/*/Linux","product":{"name":"Openwall GNU/*/Linux Products","product_id":"CSAFPID-1edfd3c8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"McAfee","product":{"name":"McAfee Products","product_id":"CSAFPID-1ee01086-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Snort","product":{"name":"Snort Products","product_id":"CSAFPID-1ee04d62-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"SMC Networks Inc.","product":{"name":"SMC Networks Inc. Products","product_id":"CSAFPID-1ee086e2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"QLogic","product":{"name":"QLogic Products","product_id":"CSAFPID-1ee0b748-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"GNU adns","product":{"name":"GNU adns Products","product_id":"CSAFPID-1ee1135a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"wolfSSL","product":{"name":"wolfSSL Products","product_id":"CSAFPID-1ee1424e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"ASUSTeK Computer Inc.","product":{"name":"ASUSTeK Computer Inc. Products","product_id":"CSAFPID-1ee1702a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Men & Mice","product":{"name":"Men & Mice Products","product_id":"CSAFPID-1ee1b472-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"TCPWave","product":{"name":"TCPWave Products","product_id":"CSAFPID-1ee1e244-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"AirWatch","product":{"name":"AirWatch Products","product_id":"CSAFPID-1ee21ef8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Blunk Microsystems","product":{"name":"Blunk Microsystems Products","product_id":"CSAFPID-1ee24ed2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Alpine Linux","product":{"name":"Alpine Linux Products","product_id":"CSAFPID-1ee286f4-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Actelis Networks","product":{"name":"Actelis Networks Products","product_id":"CSAFPID-1ee2b412-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"HCC","product":{"name":"HCC Products","product_id":"CSAFPID-1ee2e05e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Zephyr Project","product":{"name":"Zephyr Project Products","product_id":"CSAFPID-1ee31330-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Huawei","product":{"name":"Huawei Products","product_id":"CSAFPID-1ee35db8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Riverbed Technologies","product":{"name":"Riverbed Technologies Products","product_id":"CSAFPID-1ee39dbe-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Oracle Corporation","product":{"name":"Oracle Corporation Products","product_id":"CSAFPID-1ee3dad6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Nixu","product":{"name":"Nixu Products","product_id":"CSAFPID-1ee40e84-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"BlueCat Networks Inc.","product":{"name":"BlueCat Networks Inc. Products","product_id":"CSAFPID-1ee44214-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"NIKSUN","product":{"name":"NIKSUN Products","product_id":"CSAFPID-1ee472f2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Qualcomm","product":{"name":"Qualcomm Products","product_id":"CSAFPID-1ee4b5b4-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Alcatel-Lucent Enterprise","product":{"name":"Alcatel-Lucent Enterprise Products","product_id":"CSAFPID-1ee4e61a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Microchip Technology","product":{"name":"Microchip Technology Products","product_id":"CSAFPID-1ee51414-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-1ee55f28-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Marvell Semiconductor","product":{"name":"Marvell Semiconductor Products","product_id":"CSAFPID-1ee5e434-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Tizen","product":{"name":"Tizen Products","product_id":"CSAFPID-1ee621d8-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"ENEA","product":{"name":"ENEA Products","product_id":"CSAFPID-1ee6519e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"F-Secure Corporation","product":{"name":"F-Secure Corporation Products","product_id":"CSAFPID-1ee69974-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Bell Canada Enterprises","product":{"name":"Bell Canada Enterprises Products","product_id":"CSAFPID-1ee6ca0c-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"ANTlabs","product":{"name":"ANTlabs Products","product_id":"CSAFPID-1ee6fa4a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"CoreOS","product":{"name":"CoreOS Products","product_id":"CSAFPID-1ee74928-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"IBM Corporation (zseries)","product":{"name":"IBM Corporation (zseries) Products","product_id":"CSAFPID-1ee78c12-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Zebra Technologies","product":{"name":"Zebra Technologies Products","product_id":"CSAFPID-1ee7c510-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Amazon","product":{"name":"Amazon Products","product_id":"CSAFPID-1ee80200-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"CA Technologies","product":{"name":"CA Technologies Products","product_id":"CSAFPID-1ee83112-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-1ee871c2-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Lantronix","product":{"name":"Lantronix Products","product_id":"CSAFPID-1ee8abc4-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Nokia","product":{"name":"Nokia Products","product_id":"CSAFPID-1ee8e666-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"SUSE Linux","product":{"name":"SUSE Linux Products","product_id":"CSAFPID-1ee917e4-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Brocade Communication Systems","product":{"name":"Brocade Communication Systems Products","product_id":"CSAFPID-1ee94a16-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"F5 Networks Inc.","product":{"name":"F5 Networks Inc. Products","product_id":"CSAFPID-1ee9aede-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"A10 Networks","product":{"name":"A10 Networks Products","product_id":"CSAFPID-1ee9f254-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Ruckus Wireless","product":{"name":"Ruckus Wireless Products","product_id":"CSAFPID-1eea249a-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Sophos","product":{"name":"Sophos Products","product_id":"CSAFPID-1eea5866-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Philips Electronics","product":{"name":"Philips Electronics Products","product_id":"CSAFPID-1eeaa834-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Foundry Brocade","product":{"name":"Foundry Brocade Products","product_id":"CSAFPID-1eeaeb00-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"LITE-ON Technology Corporation","product":{"name":"LITE-ON Technology Corporation Products","product_id":"CSAFPID-1eeb1d00-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-1eeb5ad6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Buffalo Technology","product":{"name":"Buffalo Technology Products","product_id":"CSAFPID-1eeb917c-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"DragonFly BSD Project","product":{"name":"DragonFly BSD Project Products","product_id":"CSAFPID-1eebd57e-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"Actiontec","product":{"name":"Actiontec Products","product_id":"CSAFPID-1eec07f6-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"VMware","product":{"name":"VMware Products","product_id":"CSAFPID-1eec3910-3a7e-11f1-a172-0afffb3ee71d"}},{"category":"vendor","name":"LG Electronics","product":{"name":"LG Electronics Products","product_id":"CSAFPID-1eec68d6-3a7e-11f1-a172-0afffb3ee71d"}}]}}