CWE-825
Expired Pointer Dereference
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
CVE-2023-48698 (GCVE-0-2023-48698)
Vulnerability from cvelistv5 – Published: 2023-12-05 00:25 – Updated: 2024-11-27 15:59
Title
Azure RTOS USBX Remote Code Execution Vulnerability
Summary
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host classes, related to device linked classes, GSER and HID in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
6.8 (Medium)
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
- CWE-825 - Expired Pointer Dereference
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/azure-rtos/usbx/security/advis… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| azure-rtos | usbx | Affected: < 6.3.0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-08T16:37:06.865828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T15:59:53.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "usbx",
"vendor": "azure-rtos",
"versions": [
{
"status": "affected",
"version": "\u003c 6.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host classes, related to device linked classes, GSER and HID in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825: Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-05T00:25:03.983Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857"
}
],
"source": {
"advisory": "GHSA-grhp-f66q-x857",
"discovery": "UNKNOWN"
},
"title": "Azure RTOS USBX Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48698",
"datePublished": "2023-12-05T00:25:03.983Z",
"dateReserved": "2023-11-17T19:43:37.553Z",
"dateUpdated": "2024-11-27T15:59:53.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23310 (GCVE-0-2024-23310)
Vulnerability from cvelistv5 – Published: 2024-02-20 15:29 – Updated: 2025-11-04 18:28
Summary
A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity
9.8 (Critical)
CWE
- CWE-825 - Expired Pointer Dereference
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Biosig Project | libbiosig | Affected: 2.5.0; Affected: Master Branch (ab0ee111) | |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "40"
}
]
},
{
"cpes": [
"cpe:2.3:a:the_biosig_project:libbiosig:2.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libbiosig",
"vendor": "the_biosig_project",
"versions": [
{
"status": "affected",
"version": "2.5.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T18:30:36.898914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T18:31:01.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:28:45.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW/"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libbiosig",
"vendor": "The Biosig Project",
"versions": [
{
"status": "affected",
"version": "2.5.0"
},
{
"status": "affected",
"version": "Master Branch (ab0ee111)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Lilith \u0026gt;_\u0026gt; of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825: Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-10T21:45:05.745Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-23310",
"datePublished": "2024-02-20T15:29:31.928Z",
"dateReserved": "2024-01-23T13:26:50.009Z",
"dateUpdated": "2025-11-04T18:28:45.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23638 (GCVE-0-2024-23638)
Vulnerability from cvelistv5 – Published: 2024-01-23 23:23 – Updated: 2025-06-17 21:19
Title
SQUID-2023:11 Denial of Service in Cache Manager
Summary
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client Manager reports. Squid older than 5.0.5 have not been tested and should be assumed to be vulnerable. All Squid-5.x up to and including 5.9 are vulnerable. All Squid-6.x up to and including 6.5 are vulnerable. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. As a workaround, prevent access to Cache Manager using Squid's main access control: `http_access deny manager`.
Severity
6.5 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
References
9 references
| URL | Tags |
|---|---|
| https://github.com/squid-cache/squid/security/adv… | x_refsource_CONFIRM |
| https://github.com/squid-cache/squid/commit/290ae… | x_refsource_MISC |
| https://github.com/squid-cache/squid/commit/e8118… | x_refsource_MISC |
| https://megamansec.github.io/Squid-Security-Audit… | x_refsource_MISC |
| http://www.squid-cache.org/Versions/v5/SQUID-2023… | x_refsource_MISC |
| http://www.squid-cache.org/Versions/v6/SQUID-2023… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2024020… | |
| https://lists.fedoraproject.org/archives/list/pac… | |
| https://lists.fedoraproject.org/archives/list/pac… | |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| squid-cache | squid | Affected: < 6.6 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-j49p-553x-48rx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-j49p-553x-48rx"
},
{
"name": "https://github.com/squid-cache/squid/commit/290ae202883ac28a48867079c2fb34c40efd382b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/commit/290ae202883ac28a48867079c2fb34c40efd382b"
},
{
"name": "https://github.com/squid-cache/squid/commit/e8118a7381213f5cfcdeb4cec1d2d854bfd261c8",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/commit/e8118a7381213f5cfcdeb4cec1d2d854bfd261c8"
},
{
"name": "https://megamansec.github.io/Squid-Security-Audit/stream-assert.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://megamansec.github.io/Squid-Security-Audit/stream-assert.html"
},
{
"name": "http://www.squid-cache.org/Versions/v5/SQUID-2023_11.patch",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.squid-cache.org/Versions/v5/SQUID-2023_11.patch"
},
{
"name": "http://www.squid-cache.org/Versions/v6/SQUID-2023_11.patch",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_11.patch"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240208-0010/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23638",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-24T16:36:13.499042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:19:27.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "squid",
"vendor": "squid-cache",
"versions": [
{
"status": "affected",
"version": "\u003c 6.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client Manager reports. Squid older than 5.0.5 have not been tested and should be assumed to be vulnerable. All Squid-5.x up to and including 5.9 are vulnerable. All Squid-6.x up to and including 6.5 are vulnerable. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid\u0027s patch archives. As a workaround, prevent access to Cache Manager using Squid\u0027s main access control: `http_access deny manager`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825: Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-25T02:06:01.902Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/squid-cache/squid/security/advisories/GHSA-j49p-553x-48rx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-j49p-553x-48rx"
},
{
"name": "https://github.com/squid-cache/squid/commit/290ae202883ac28a48867079c2fb34c40efd382b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/squid-cache/squid/commit/290ae202883ac28a48867079c2fb34c40efd382b"
},
{
"name": "https://github.com/squid-cache/squid/commit/e8118a7381213f5cfcdeb4cec1d2d854bfd261c8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/squid-cache/squid/commit/e8118a7381213f5cfcdeb4cec1d2d854bfd261c8"
},
{
"name": "https://megamansec.github.io/Squid-Security-Audit/stream-assert.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://megamansec.github.io/Squid-Security-Audit/stream-assert.html"
},
{
"name": "http://www.squid-cache.org/Versions/v5/SQUID-2023_11.patch",
"tags": [
"x_refsource_MISC"
],
"url": "http://www.squid-cache.org/Versions/v5/SQUID-2023_11.patch"
},
{
"name": "http://www.squid-cache.org/Versions/v6/SQUID-2023_11.patch",
"tags": [
"x_refsource_MISC"
],
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2023_11.patch"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240208-0010/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7R4KPSO3MQT3KAOZV7LC2GG3CYMCGK7H/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWQHRDRHDM5PQTU6BHH4C5KGL37X6TVI/"
}
],
"source": {
"advisory": "GHSA-j49p-553x-48rx",
"discovery": "UNKNOWN"
},
"title": "SQUID-2023:11 Denial of Service in Cache Manager"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-23638",
"datePublished": "2024-01-23T23:23:19.070Z",
"dateReserved": "2024-01-19T00:18:53.232Z",
"dateUpdated": "2025-06-17T21:19:27.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28889 (GCVE-0-2024-28889)
Vulnerability from cvelistv5 – Published: 2024-05-08 15:01 – Updated: 2024-08-02 01:03
Title
BIG-IP SSL vulnerability
Summary
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity
5.9 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
References
1 reference
| URL | Tags |
|---|---|
| https://my.f5.com/manage/s/article/K000138912 | vendor-advisory |
Impacted products
Date Public
2024-05-08 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28889",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T19:57:41.608842Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:03:33.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:50.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000138912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1.3",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4.3",
"status": "affected",
"version": "16.1.2.1",
"versionType": "custom"
},
{
"lessThan": "15.1.10.4",
"status": "affected",
"version": "15.1.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-05-08T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker\u0027s control can cause the Traffic Management Microkernel (TMM) to terminate.\u0026nbsp;\u0026nbsp;\u003c/span\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\u003c/span\u003e"
}
],
"value": "\n\n\nWhen an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker\u0027s control can cause the Traffic Management Microkernel (TMM) to terminate.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-08T15:01:26.693Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000138912"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": " BIG-IP SSL vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-28889",
"datePublished": "2024-05-08T15:01:26.693Z",
"dateReserved": "2024-04-24T21:34:20.666Z",
"dateUpdated": "2024-08-02T01:03:50.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39792 (GCVE-0-2024-39792)
Vulnerability from cvelistv5 – Published: 2024-08-14 14:32 – Updated: 2024-08-15 14:01
Title
NGINX Plus MQTT vulnerability
Summary
When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity
CWE
- CWE-825 - Expired Pointer Dereference
References
1 reference
| URL | Tags |
|---|---|
| https://my.f5.com/manage/s/article/K000140108 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| F5 | NGINX Plus | Affected: R30 , < * (custom) | |
Date Public
2024-08-14 14:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nginx_plus",
"vendor": "f5",
"versions": [
{
"lessThan": "r32_p1",
"status": "affected",
"version": "r30",
"versionType": "custom"
},
{
"lessThan": "r31_p3",
"status": "affected",
"version": "r30",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39792",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T13:59:03.480979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:01:37.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"ngx_stream_mqtt_filter_module"
],
"product": "NGINX Plus",
"vendor": "F5",
"versions": [
{
"changes": [
{
"at": "R31 P3",
"status": "unaffected"
},
{
"at": "R32 P1",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "R30",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-08-14T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.\u0026nbsp;\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T14:32:33.519Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000140108"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "NGINX Plus MQTT vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-39792",
"datePublished": "2024-08-14T14:32:33.519Z",
"dateReserved": "2024-07-22T19:43:52.870Z",
"dateUpdated": "2024-08-15T14:01:37.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45105 (GCVE-0-2024-45105)
Vulnerability from cvelistv5 – Published: 2024-09-13 17:29 – Updated: 2024-09-16 17:38
Summary
An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.
Severity
6.7 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
References
1 reference
Impacted products
99 products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_vx7531_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx7530_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx7330_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx5530_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx3530-g_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx3330_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx2330_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr630_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3531-f_all-flash_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3531_h_hybrid_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3530_f_all_flash_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3530-h_hybrid_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3331-f_all-flash_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3331-h_hybrid_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3330-f_all-flash_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx3330-h_hybrid_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx7531_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx7531_node_sap_hana:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx7530_appl_for_sap_hana:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx5531_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx3331_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx3331_node_sap_hana:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx3330_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx2331_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx2330_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx1331_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx3331_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx5530_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkagile_hx5530_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "afe130c",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkedge_se450__firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkedge_se450__firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "cme116d",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkedge_se360_v2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkedge_se350_v2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkedge_se350_v2_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "iye110f",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_st258_v3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr258_v3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr250_v3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_st250_v3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_st250_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "cte110i",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sr665_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr645_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx3376_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx3375_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkagile_hx3375_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "d8e138d",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sr950_v3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sr950_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "ebe108h",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_dpu_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_dpu_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_dpu_sap_hana_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_dpu_sap_hana_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx650_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx630_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr650_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr630_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx650_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:h:lenovo:thinkagile_mx650_v3_intergrated_system_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_mx630_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:h:lenovo:thinkagile_mx630_v3_intergrated_system_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx630_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx630_v3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx650_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx650_v3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkagile_hx650_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "ese126h",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sd550_v3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd530_v3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sd530_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "fne118d",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkagile_vx665_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx665_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx655_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx655_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx645_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx645_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx635_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_vx635_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr665_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr655_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr645_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr635_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx665_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx665_v3_integrated_system_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx665_v3_storage_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx665_v3_storage_integrated_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx645_v3_certified_node_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinkagile_hx645_v3_integrated_system_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkagile_hx645_v3_integrated_system_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "kae120j",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sr860_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr850_v2_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sr850_v2_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "m5e128i",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinkedge_se455_v3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinkedge_se455_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "mbe110h",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sr675_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd665_v3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sd665_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "qge124h",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_sr860_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr850_v3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sr850_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "rse110h",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_st258_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_st250_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr258_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr250_v2_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sr250_v2_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "tqe116c",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_st658_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_st650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sr670_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sn550_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd650-n_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd650_v2_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd630_v2_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sd630_v2_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "u8e128l",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:thinksystem_st658_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_st650_v3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:lenovo:thinksystem_sd650_v3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "thinksystem_sd650_v3_firmware",
"vendor": "lenovo",
"versions": [
{
"lessThan": "use130g",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T17:58:05.331232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T17:38:38.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HX5530 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX645 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX665 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST250 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "CTE110I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX3331 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX1331 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX2330 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX2331 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX3330 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX3331 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX3331 Node SAP HANA (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX3375 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "D8E138D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX3376 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "D8E138D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX5531 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX630 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX630 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX645 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX650 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX650 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX665 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX665 V3 Storage Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX665 V3 Storage Integrated Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX7530 Appl for SAP HANA (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX7531 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HX7531 Node SAP HANA (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3330-F All-flash Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3330-H Hybrid Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3331-F All-flash Certified node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3331-H Hybrid Certified node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3530 F All flash Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3530-H Hybrid Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3531 H Hybrid Certified node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX3531-F All-flash Certified node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX630 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX630 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX650 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX650 v3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD530 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "FNE118D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD550 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "FNE118D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD630 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD650 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD650 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "USE130G",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD650-N V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SD665 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "QGE124H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SE350 V2 (ThinkEdge) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "IYE110F",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SE360 V2 (ThinkEdge) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "IYE110F",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SE450 (ThinkEdge) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "CME116D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SE455 V3 (ThinkEdge) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "MBE110H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SN550 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR250 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "TQE116C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR250 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "CTE110I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR258 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "TQE116C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR258 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "CTE110I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR630 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR630 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR635 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR645 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "D8E138D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR645 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR650 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR650 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR655 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR665 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "D8E138D",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR665 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR670 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR675 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "QGE124H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR850 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "M5E128I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR850 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "RSE110H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR860 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "M5E128I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR860 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "RSE110H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SR950 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "EBE108H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST250 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "TQE116C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST258 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "TQE116C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST258 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "CTE110I",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST650 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST650 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "USE130G",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST658 V2 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "U8E128L",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ST658 V3 (ThinkSystem) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "USE130G",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX2330 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX3330 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX3530-G Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX5530 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX630 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX635 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX635 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX645 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX645 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 DPU Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 DPU Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 DPU SAP HANA Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX650 V3 SAP HANA Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "ESE126H",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX655 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX655 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX665 V3 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX665 V3 Integrated System (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "KAE120J",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX7330 Appliance (Thinkagile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX7530 Appliance (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VX7531 Certified Node (ThinkAgile) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "AFE130C",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.\u003c/span\u003e"
}
],
"value": "An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825: Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T17:29:08.267Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-165524"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update system firmware to the version (or newer) indicated for your model in the advisory: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-165524\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-165524\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update system firmware to the version (or newer) indicated for your model in the advisory: https://support.lenovo.com/us/en/product_security/LEN-165524"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-45105",
"datePublished": "2024-09-13T17:29:08.267Z",
"dateReserved": "2024-08-21T19:24:36.785Z",
"dateUpdated": "2024-09-16T17:38:38.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8250 (GCVE-0-2024-8250)
Vulnerability from cvelistv5 – Published: 2024-08-28 23:30 – Updated: 2026-03-27 13:56
Title
Expired Pointer Dereference in Wireshark
Summary
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
Severity
7.8 (High)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2024-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/19943 | issue-tracking, permissions-required |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark | Affected: 4.2.0, < 4.2.7 (semver); Affected: 4.0.0, < 4.0.17 (semver) | |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wireshark",
"vendor": "wireshark",
"versions": [
{
"lessThan": "4.2.7",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.0.17",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8250",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:47:07.749261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:49:00.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:32:55.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"lessThan": "4.2.7",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.0.17",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825: Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T13:56:57.567Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2024-11.html"
},
{
"name": "GitLab Issue #19943",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19943"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 4.2.7 or above."
}
],
"title": "Expired Pointer Dereference in Wireshark"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2024-8250",
"datePublished": "2024-08-28T23:30:36.975Z",
"dateReserved": "2024-08-27T23:30:38.599Z",
"dateUpdated": "2026-03-27T13:56:57.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10911 (GCVE-0-2025-10911)
Vulnerability from cvelistv5 – Published: 2025-09-25 15:13 – Updated: 2026-04-29 13:04
VLAI
Title
Libxslt: use-after-free with key data stored cross-rvt
Summary
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
Severity
5.5 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:11015 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2025-10911 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2397838 | issue-tracking, x_refsource_REDHAT |
| https://gitlab.gnome.org/GNOME/libxslt/-/issues/144 | |
| https://gitlab.gnome.org/GNOME/libxslt/-/merge_re… | |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| | | Affected: 0 , ≤ 1.1.43 (semver) | |
| Red Hat | Red Hat Hardened Images | Unaffected: 1.1.45-0.1.hum1 , < * (rpm); cpe:/a:redhat:hummingbird:1 | |
| Red Hat | Red Hat Enterprise Linux 10 | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 6 | cpe:/o:redhat:enterprise_linux:6 | |
| Red Hat | Red Hat Enterprise Linux 7 | cpe:/o:redhat:enterprise_linux:7 | |
| Red Hat | Red Hat Enterprise Linux 8 | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 9 | cpe:/o:redhat:enterprise_linux:9 | |
| Red Hat | Red Hat OpenShift Container Platform 4 | cpe:/a:redhat:openshift:4 | |
Date Public
2025-08-04 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T15:48:55.245495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T15:49:06.055Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.gnome.org/GNOME/libxslt",
"defaultStatus": "unaffected",
"packageName": "libxslt",
"versions": [
{
"lessThanOrEqual": "1.1.43",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "libxslt-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1.1.45-0.1.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "libxslt",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
}
],
"datePublic": "2025-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T13:04:05.743Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:11015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11015"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-10911"
},
{
"name": "RHBZ#2397838",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397838"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/144"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/77"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-24T12:46:50.095Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-08-04T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libxslt: use-after-free with key data stored cross-rvt",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-10911",
"datePublished": "2025-09-25T15:13:14.210Z",
"dateReserved": "2025-09-24T12:45:24.913Z",
"dateUpdated": "2026-04-29T13:04:05.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12119 (GCVE-0-2025-12119)
Vulnerability from cvelistv5 – Published: 2025-11-18 20:21 – Updated: 2026-01-14 19:04
VLAI
Title
Bulk write with options may read invalid memory
Summary
A mongoc_bulk_operation_t may read invalid memory if large options are passed.
Severity
6.8 (Medium)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| MongoDB | C Driver | Affected: 1.9.0 , ≤ 1.30.5 (semver); Affected: 2.0.0 , ≤ 2.1.1 (semver) | |
| MongoDB | PHP Driver | Affected: 0 , ≤ 2.1.2 (semver) | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T16:14:28.900742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:48:51.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-14T19:04:31.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/mongodb/mongo-c-driver",
"defaultStatus": "unaffected",
"product": "C Driver",
"vendor": "MongoDB",
"versions": [
{
"lessThanOrEqual": "1.30.5",
"status": "affected",
"version": "1.9.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://github.com/mongodb/mongo-php-driver",
"defaultStatus": "unaffected",
"product": "PHP Driver",
"vendor": "MongoDB",
"versions": [
{
"lessThanOrEqual": "2.1.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A mongoc_bulk_operation_t may read invalid memory if large options are passed."
}
],
"value": "A mongoc_bulk_operation_t may read invalid memory if large options are passed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T20:21:08.252Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://github.com/mongodb/mongo-php-driver/releases/tag/1.21.2"
},
{
"url": "https://github.com/mongodb/mongo-c-driver/releases/tag/1.30.6"
},
{
"url": "https://github.com/mongodb/mongo-c-driver/releases/tag/2.1.2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Bulk write with options may read invalid memory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-12119",
"datePublished": "2025-11-18T20:21:08.252Z",
"dateReserved": "2025-10-23T16:43:24.098Z",
"dateUpdated": "2026-01-14T19:04:31.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-30653 (GCVE-0-2025-30653)
Vulnerability from cvelistv5 – Published: 2025-04-09 19:57 – Updated: 2025-04-09 20:32
VLAI
Title
Junos OS and Junos OS Evolved: LSP flap in a specific MPLS scenario leads to rpd crash
Summary
An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition.
This issue affects:
Junos OS:
* All versions before 22.2R3-S4,
* 22.4 versions before 22.4R3-S2,
* 23.2 versions before 23.2R2,
* 23.4 versions before 23.4R2.
Junos OS Evolved:
* All versions before 22.2R3-S4-EVO,
* 22.4-EVO versions before 22.4R3-S2-EVO,
* 23.2-EVO versions before 23.2R2-EVO,
* 23.4-EVO versions before 23.4R2-EVO.
Severity
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA96463 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS | Affected: 0 , < 22.2R3-S4 (semver); Affected: 22.4 , < 22.4R3-S2 (semver); Affected: 23.2 , < 23.2R2 (semver); Affected: 23.4 , < 23.4R2 (semver) | |
| Juniper Networks | Junos OS Evolved | Affected: 0 , < 22.2R3-S4-EVO (semver); Affected: 22.4-EVO , < 22.4R3-S2-EVO (semver); Affected: 23.2-EVO , < 23.2R2-EVO (semver); Affected: 23.4-EVO , < 23.4R2-EVO (semver) | |
Date Public
2025-04-09 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T20:32:27.137092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:32:41.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S2-EVO",
"status": "affected",
"version": "22.4-EVO",
"versionType": "semver"
},
{
"lessThan": "23.2R2-EVO",
"status": "affected",
"version": "23.2-EVO",
"versionType": "semver"
},
{
"lessThan": "23.4R2-EVO",
"status": "affected",
"version": "23.4-EVO",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor this issue to occur, MPLS LSP needs to be configured with node-link-protection and transport-class. The tunnel\nneeds to be configured with both primary (strict hops) and secondary (partially strict hops) paths.\u003cbr\u003e\u003cbr\u003e[ protocols mpls label-switched-path tunnel-\u0026lt;name\u0026gt; node-link-protection ]\u003cbr\u003e[ protocols mpls label-switched-path tunnel-\u0026lt;name\u0026gt; adaptive ]\u003cbr\u003e[ protocols mpls label-switched-path tunnel-\u0026lt;name\u0026gt;\u0026nbsp;primary \u0026lt;route1_name\u0026gt; ]\u003cbr\u003e[ protocols mpls label-switched-path tunnel-\u0026lt;name\u0026gt; secondary \u0026lt;route2_name\u0026gt; ]\u003cbr\u003e[ protocols mpls label-switched-path tunnel-\u0026lt;name\u0026gt; transport-class \u0026lt;name\u0026gt; ]\u003c/p\u003e"
}
],
"value": "For this issue to occur, MPLS LSP needs to be configured with node-link-protection and transport-class. The tunnel\nneeds to be configured with both primary (strict hops) and secondary (partially strict hops) paths.\n\n[ protocols mpls label-switched-path tunnel-\u003cname\u003e node-link-protection ]\n[ protocols mpls label-switched-path tunnel-\u003cname\u003e adaptive ]\n[ protocols mpls label-switched-path tunnel-\u003cname\u003e\u00a0primary \u003croute1_name\u003e ]\n[ protocols mpls label-switched-path tunnel-\u003cname\u003e secondary \u003croute2_name\u003e ]\n[ protocols mpls label-switched-path tunnel-\u003cname\u003e transport-class \u003cname\u003e ]"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).\u003cp\u003eOn all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 22.2R3-S4,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S2,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJunos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 22.2R3-S4-EVO,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e22.4-EVO versions before 22.4R3-S2-EVO,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e23.2-EVO versions before 23.2R2-EVO,\u003cbr\u003e\u003c/li\u003e\u003cli\u003e23.4-EVO versions before 23.4R2-EVO.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * All versions before 22.2R3-S4,\n\n * 22.4 versions before 22.4R3-S2,\n\n * 23.2 versions before 23.2R2,\n\n * 23.4 versions before 23.4R2.\n\n\n\n\n\nJunos OS Evolved:\n\n\n\n * All versions before 22.2R3-S4-EVO,\n\n * 22.4-EVO versions before 22.4R3-S2-EVO,\n\n * 23.2-EVO versions before 23.2R2-EVO,\n\n * 23.4-EVO versions before 23.4R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "CWE-825 Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:57:37.713Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA96463"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003e\u003cbr\u003eJunos OS:\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.2R3-S4, 22.4R3-S2, 23.2R2, 23.4R2, 24.2R1,\u0026nbsp;and all subsequent releases.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003eJunos OS Evolved: 22.2R3-S4-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS:\u00a022.2R3-S4, 22.4R3-S2, 23.2R2, 23.4R2, 24.2R1,\u00a0and all subsequent releases.\n\nJunos OS Evolved: 22.2R3-S4-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA96463",
"defect": [
"1788445"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS and Junos OS Evolved: LSP flap in a specific MPLS scenario leads to rpd crash",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-30653",
"datePublished": "2025-04-09T19:57:37.713Z",
"dateReserved": "2025-03-24T19:34:11.322Z",
"dateUpdated": "2025-04-09T20:32:41.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Choose a language that provides automatic memory management.
Mitigation
Phase: Implementation
Description:
- When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.